How to Avoid Cloud Account Hijacking Attacks

{authorName}

Tech Insights for ProfessionalsThe latest thought leadership for IT pros

Thursday, June 17, 2021

Cloud account hijacking is one of many threats that businesses need to address before it’s too late. Here are some effective yet simple tips you can adopt to prevent these types of attacks.

Article 5 Minutes
How to Avoid Cloud Account Hijacking Attacks
  • Home
  • IT
  • Cloud
  • How to Avoid Cloud Account Hijacking Attacks

As more companies store their data in the cloud, it becomes an attractive target for hackers and criminals. Cloud account hijacking is one of the latest attempts to seize control of services and data for criminal purposes, leaving CISOs and IT managers with another headache as they look to defend businesses that demand an ever-growing cloud footprint. A recent cloud security study from IFP revealed that account hijacking is the biggest threat.

In the rush for productivity improvements and cost reductions, CIOs are migrating to the cloud from their own servers and on-premises applications. Many new firms are operating cloud-first, with none of the legacy baggage of their predecessors.

But those burgeoning databases of customer information, business data, proprietary information and - best of all - bank or credit card details, make a tempting target for criminals armed with years of experience in phishing attacks to gain access details and knowledge of many cloud service weak spots to claim their loot.

Strong cloud security requires strong leadership

Equip your team with the right tools to improve visibility, reduce risk & respond to threats faster.

VISIT THE HUB

What is cloud account hijacking?

Cloud account hijacking is just one of many threats that CISOs and IT needs to address when accounts are compromised by malicious actors.

The typical cloud hijacking goes something like this:

  • A company doesn’t change its default cloud service password
  • Some cloud access credentials are exposed somewhere
  • Someone in the company falls victim to a phishing attack
“Hi, it’s John in accounts. Can I borrow your login details for a new user? His details aren’t coming through somehow…”
 

While most tech workers are well aware of the risks and get training about phishing and other attacks, it takes just one stressed worker with enough on their plate to reply, and the damage is done.

Once a criminal has sufficient privileges and access to any cloud service, they can lock legitimate users out, or steal the data stored in that service. Imagine an entire company being locked out of its productivity applications, or the finance team blocked from accessing the company’s accounts.

While some cloud service providers will have security to limit these types of breaches and hijacks, it’s up to the business to secure its cloud and ensure access is protected.

 

What are the risks associated with cloud account hijacking?

Losing access to your company data is just the start of many business nightmare scenarios. The data could be hijacked and held for ransom, as in many profile cases, most recently, the US Colonial Pipeline attack where the firm paid $5 million in an attempt to restore services and recover a reported 100GB of cloud data.

In most instances, firms are locked out of their applications and data, and even if they pay a ransom, services are never returned. This means the business needs to recover data from existing and accessible backups, and restore their services afresh.

Even in less extreme examples, a company can lose hours or days of work if their cloud is hijacked, and have to catch up in a hectic series of updates once access is restored. Not only do firms lose money, but they can also fall behind on orders or production, and if the issue becomes public, companies can suffer reputational damage and lose orders as a result.

Request your copy

Tips to prevent account hijacking attacks in the cloud

The best defense for any cloud is a multi-layered approach to security. This starts with the human factor, with top-down awareness through the business of the risks, training about phishing and scams.

1. Close collaboration between CIOs and CISOs is key

When researching various cloud providers or replacing ones that don’t provide adequate security protection, it’s vital that CIOs collaborate closely with CISOs. That goes for services, compute and storage, ensuring they meet compliance and governance standards, and the other complexities of a modern cloud.

2. Restrict access to cloud services to authorized users

The IT team needs to ensure that each service is secure, that only authorized users have access to services, and every credential and password is secured. Most cloud services require additional layers of protection like cloud access security brokers (CASBs), next-gen firewalls and other tools.

3. Embrace cloud tokenization

When it comes to protecting regulated data like credit card details, personally identifiable information (PII) and government or health codes, many firms are adopting cloud tokenization to support or replace encryption tools. Another step forward is in zero trust solutions that add verification layers to ensure only legitimate access is granted to valid users. 

4. A cloud disaster recovery plan is a must

Firms also need to have adequate disaster recovery procedures in place that are regularly tested to work as the cloud footprint grows, big data creates pressure on the business to adopt more automation and fresh risks are created.

There’s no one size fits all solution to cloud security. Instead, each CISO, IT security or cloud leader and team will have to build their own approach that meets the business needs, while providing the most flexible and rigorous layers of defense. And every time a new cloud service is adopted, they’ll need to ensure it’s integrated into the security scheme and doesn’t create any new weak points.

Cloud security is a never-ending battle, with new threats appearing, employees finding creative ways to work that may create a risk, the creation of shadow IT being one of the most critical, and criminals exploiting new avenues of attack. Increasingly automated protection services will help IT create these defenses, but CISOs will need to fight for the budget to adopt them, and ensure that manual oversight is alert to each and every issue, ready to react if needed.

Further reading:

 

Tech Insights for Professionals

The latest thought leadership for IT pros

Insights for Professionals provide free access to the latest thought leadership from global brands. We deliver subscriber value by creating and gathering specialist content for senior professionals.

Comments

Join the conversation...