All Posts

August 21, 2019

Why cloud computing creates a security threat

Written by David Corchado
Find me on:

The city of Baltimore recently made headlines for all the wrong reasons: a ransomware attack on the city’s computer systems that paralyzed and embarrassed the city for weeks. The city refused to pay the unknown perpetrator $75,000, and the resulting attack on data and operations has cost the city more than $18 million, NPR reports.

Unfortunately, Baltimore is not alone. Both public and private organizations are increasingly under attack from cyber criminals. To help organizations understand how to prepare for the reality of cybercrime, Investis Digital has published a new white paper, A Rising Tide: An Overview of Securing Public Websites in the Cloud.

Why Are Security Attacks Increasing?

The publication of A Rising Tide comes at a time when cybersecurity has become a CEO-level problem for businesses to address. As our own CEO Don Scales recently discussed in a Forbes column, “Five Ways CEOs Can Take a More Personal Approach to Cybersecurity,” cyberthreats are one of the top concerns CEOs face, especially as more businesses host their data on the cloud.

As we note in our guide, the cloud infrastructure market continues to see explosive growth. According to Gartner, the global public cloud services market will grow 17.3 percent in 2019 to total $206.2 billion, up from $175.8 billion in 2018. Per IDC, cloud computing is growing seven times faster than the rest of the information technology sector.

To be sure, hosting public websites in the cloud makes your business more flexible and scalable. These benefits are undeniable. But doing so also incurs risk. Cloud components need to be properly architected together for peak performance, and each component comes with its own potential for exploitation from malicious activity.

Cloud vendors design components for security, but the disassembly of computing functions into microservices broadens your attack profile, opening up new potential vulnerabilities.

Applications that businesses use to manage cloud deployments also pose a significant risk in cloud security, as demonstrated by the 2018 attack of Tesla in which a Kubernetes cloud control application was exploited to siphon power from Tesla’s cloud network to cryptocurrencies.

Just How Bad Are Cyberattacks Getting?

As more businesses use the cloud, the number of attacks on cloud based platforms is increasing dramatically. The number of attacks against SaaS services jumped from 13 percent of all attacks in 2017 to 41 percent in 2018, according to NetScout. In addition, attacks are getting more sophisticated, with multiple vectors and longer in duration.

According to NetScout’s 14th Annual Worldwide Infrastructure Security Report, 34 percent of businesses surveyed by NetScout in 2018 reported attacks on third party data centers, up from 11 percent the year before. And no sector is safe. We have learned from our own monitoring tools is that depending on the industry that your business operates in, you may be at even bigger risk, as this table shows:

 

Infoguard Cyber Security’s 5 Industries that Top the Hit List of Cyber Criminals in 2017

 

With even minor attacks comes the risk of significant financial impact. Consider:

These costs are even higher for certain industries and countries, according to Accenture’s Ninth Annual The Cost of Cybercrime study, published in 2019:

Ninth Annual The Cost of Cybercrime study

The fact is, managing cloud security is getting more and more challenging by the day. Hackers are constantly devising new ways to attack a business, making it necessary for businesses to manage security as a full-time process.

Download Our New White Paper

Our white paper, A Rising Tide: An Overview of Securing Public Websites in the Cloud, dives into the steps we take to fight threats. The white paper is based on our extensive experience hosting clients’ content on our Connect.ID platform. Consider our white paper to be a template for how you should:

  • Partner with a security software partner for protection.
  • Hire a security team full of experts.
  • Enable infrastructure teams with deep security expertise.
  • Maintain code builds to protect against security risks.

Download the guide now to ensure your website is secure and protected against vulnerabilities.

Subscribe to Email Updates