Attacks on Cloud Computing
are the Vulnerabilities present? What can be done?
For years the internet has been represented on network diagrams by a cloud symbol. When a variety of new services started to emerge that permitted computing resources to be accessed over the internet, they were termed cloud computing. Cloud computing is one of the latest emerging innovations of the modern internet and technological landscape. Cloud computing encloses activities like the use of social networking sites and other forms of social computing. Cloud computing is a way to increase capacity or add capabilities naturally without investing in new infrastructure. With everyone from primary to major online technology leaders like Amazon, Microsoft and Google involved, it presents itself as an exciting and innovative method to store and use data on the internet. Despite the uses surrounding the cloud, customers are still unwilling to deploy their resources or their business in the cloud. The security issues in cloud computing have played a vital role in slowing down the
Figure 1: Cloud
Types of services provided by the cloud:
Cloud computing is not a piece of technology; it is a system that basically has three services: Infrastructure as a Service, Software as a Service and Platform as a Service.
Infrastructure as a Service (IAAS):
This service involves providing operating systems to servers through IP-based connectivity as part of an on-demand service; this way the clients of a company can avoid purchasing software or servers.
Platform as a Service (PAAS):
This service is complex because the platform is used to build applications, which run on the provider's infrastructure. This service provides a predefined combination of operating system and application servers.
Software as a Service (SAAS):
In this service a complete application is provided to the business or the client as a service on demand. This application runs on the cloud and serves multiple users.
models in the cloud:
Private Cloud: This cloud can be owned or leased by a single
Community Cloud: This cloud infrastructure is shared by several organizations and supports a specific community.
Public Cloud: This cloud infrastructure is owned by an organization and provides services to clients and the public.
Hybrid Cloud: This cloud infrastructure is a combination of two or more clouds which are unique entities.
Figure 2: Cloud
computing Service Models. Figure 3: Cloud Computing Architecture.
One of the biggest security worries with cloud computing has proved to be the sharing of resources, also known as multitenancy. The cloud acts as a big black box; nothing inside it is visible to the clients. Clients have no idea of, or control over, what happens in the cloud. Even if the cloud provider is honest, there may be malicious system admins who can tamper with the VMs and violate confidentiality and integrity.
Cyber attacks on the cloud are also a problem, as a large volume of data is stored by all users on the cloud. The scary thing that the cloud is vulnerable to is Distributed Denial of Service (DDoS) attacks.
There might even be some security breaches from the inside. News such as Vodafone's breach of 2 million customer records and the Snowden breach at the NSA are wake-up calls that these breaches are due to insider threats and privileged user access. If an employee gains, gives away or compromises your password or key, everything from customer data to confidential information is in their hands.
The current situation of cloud computing is associated with a lot of challenges, as black hats are trying to get the information they want from the cloud, which makes the user or the business skeptical. Some of the most challenging issues are as follows:
of resource and expertise:
This is attributed to several factors like lack of training, multiple and different cloud vendors and the introduction of hybrid clouds. At present, different cloud vendors use different terminologies, which works to their advantage and can lead a business or enterprise to go with the wrong company, so we need to know the service each one provides and how it differs from the others.
This is the main challenge for a business thinking of adopting the cloud. The fact is that high-value or crucial enterprise data will stay outside the corporate firewall, which raises serious concerns. The world is full of hackers who are looking to get the valuable data, and an attack on the cloud infrastructure would affect multiple clients of the business hosted on the cloud. These risks can be mitigated by using security applications, data loss software, and security hardware to find unusual behavior on the servers.
There are frequent outages of services provided from the cloud. It is important to monitor the service being provided using internal or third-party tools. We need to supervise the usage of the cloud, its performance, its robustness and all of the service, because if there is any compromise there might be a loss of crucial data from the enterprise.
cost and Performance:
An enterprise may save money by moving to the cloud rather than buying hardware, but it needs to spend more on bandwidth. This can vary: if the applications are smaller the cost will be low, but it is significantly higher for data-intensive applications.
Some malware and viruses are used only for the destruction of data, which will cause disaster in the cloud. Data loss can occur through hardware issues, software issues or malware issues; if that information goes into the wrong hands it will be a threat to the business or enterprise. This data loss can be reduced by proper backup and disaster recovery by cloud providers. Microsoft's Azure provides Azure Site Recovery, where you can recover the total application hosted on it if there is
As all businesses, such as startups, enterprises and large companies, are moving to cloud computing, there may be some potential attack vectors: criminals may attempt Denial of Service attacks, Side channel attacks, Authentication attacks, Man-in-the-middle
Denial of Service (DoS) attack:
This attack is an attempt to make an online service unavailable by sending enormous traffic from multiple locations or sources. The attack is more effective because it is impossible to tell legitimate user traffic from attack traffic. It is mainly used for specific targeted purposes that include disrupting transactions and access to databases. If the attacker uses it at the application layer, it will disrupt services like search functions and retrieval of data from the database.
Figure 1: shows how a
DDoS attack is carried out.
In this attack the attacker places a malicious virtual machine in close proximity to the target cloud server on which the cryptography is implemented, and then launches the side channel attack.
These types of attacks
are carried out when a malicious attacker places himself between two users.
This can lead to interception of data or information and modified
Because of the vast amount of data stored in them, cloud environments become an attractive target for attackers. The severity of the damage depends on the sensitivity of the data exposed from the cloud. Financial information tends to get the headlines, but breaches that involve health information or trade secrets can be devastating. The Cloud Security Alliance (CSA) has recommended that organizations use multifactor authentication and encryption techniques to protect themselves from data breaches.
Credentials and Broken Authentication:
Data breaches and other attacks are frequent results of weak passwords, slack authentication and poor key or certificate management. Organizations struggle to allocate job roles to users, as they need to allocate appropriate permissions. One important thing the organization should do is remove user access when the employee or user leaves the organization. The business or organization should use multifactor authentication systems such as one-time passwords and phone-based authentication, as these make it hard for an attacker to log in with stolen credentials. In 2015 there was a breach at Anthem Inc, a medical organization, where the hackers had broken into its servers and stolen 40 million records that contained personally identifiable information. If they had used multifactor authentication there would not have been any circumstance like a data breach.
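The recommendations above (remove access for leavers, require multifactor authentication, keep permissions within the job role, manage keys) can be checked together in a periodic access review. The following Python code is an added example, not part of the original article; the account inventory, role model, field names and 90-day key rotation limit are constructed assumptions.

```python
from datetime import date

# Constructed sample data (not from the original article).
ACTIVE_EMPLOYEES = {"alice", "bob", "carol"}   # e.g. taken from an HR export
ROLE_PERMISSIONS = {                           # hypothetical role model
    "developer": {"deploy", "read_logs"},
    "analyst": {"read_logs"},
    "admin": {"deploy", "read_logs", "manage_users"},
}
ACCOUNTS = [                                   # hypothetical cloud account inventory
    {"user": "alice", "role": "admin", "mfa": True,
     "permissions": {"deploy", "read_logs", "manage_users"},
     "key_created": date(2024, 5, 1)},
    {"user": "bob", "role": "analyst", "mfa": False,
     "permissions": {"read_logs", "deploy"},
     "key_created": date(2024, 4, 20)},
    {"user": "dave", "role": "developer", "mfa": True,
     "permissions": {"deploy"},
     "key_created": date(2023, 1, 10)},
]
MAX_KEY_AGE_DAYS = 90  # assumed key rotation policy


def review_accounts(accounts, active, roles, today, max_key_age=MAX_KEY_AGE_DAYS):
    """Return {user: [findings]} for every account that fails a check."""
    findings = {}
    for acct in accounts:
        issues = []
        # Access must be removed when the user leaves the organization.
        if acct["user"] not in active:
            issues.append("left organization: remove access")
        # Stolen passwords are enough to log in when MFA is off.
        if not acct["mfa"]:
            issues.append("no multifactor authentication")
        # Permissions should not exceed what the job role allows.
        extra = acct["permissions"] - roles.get(acct["role"], set())
        if extra:
            issues.append("permissions beyond role: " + ", ".join(sorted(extra)))
        # Old access keys indicate poor key management.
        age = (today - acct["key_created"]).days
        if age > max_key_age:
            issues.append(f"access key is {age} days old")
        if issues:
            findings[acct["user"]] = issues
    return findings


if __name__ == "__main__":
    report = review_accounts(ACCOUNTS, ACTIVE_EMPLOYEES, ROLE_PERMISSIONS, date(2024, 6, 1))
    for user, issues in report.items():
        print(user, "->", "; ".join(issues))
```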
interfaces and APIs:
Interfaces and APIs (Application Program Interfaces) are used by programmers to manage and interact with cloud services, including those that offer cloud management and monitoring. Leading cloud companies like Amazon, Microsoft, and Google have their own APIs, which can be used by the organization to deploy, monitor and manage. Everything from authentication and access control to encryption and active monitoring depends on the security of the API. Weak interfaces expose enterprises to security issues related to confidentiality, integrity, availability
technology, shared danger:
Shared technology poses a significant threat to cloud computing. Cloud service providers share infrastructure, platforms and applications, and if there is any attack on these it will affect everyone.
vendor outages leave you high and dry:
Cloud vendors like Microsoft, Amazon and Google have had major outages which did not last long, but these outages can make or break the business if they occur in the middle of an important moment in the working day.
to protect data in cloud:
a stronger password.
two-factor authentication.
wary of the public Wi-Fi.
automatic upload of media.
your media online.
of phishing attacks where they use fake messages to get the information from
Recovery in Cloud
Cloud disaster recovery is a backup and restore strategy that involves storing and maintaining copies of records in a cloud computing environment as a security measure. The main goal of disaster recovery is to provide an organization with a way to recover data and implement failover in the event of a man-made or natural disaster.
Failover and failback are keys to cloud recovery. Effective cloud disaster recovery provides continuous service and has the ability to fail over to a second site if there is any problem in the hardware or software.
of Disaster Recovery in the cloud:
recovery: the difference between cloud-based disaster recovery and traditional recovery is the difference in RPO and RTO. With cloud-based DR, the site has the capability to recover from a warm site right away, which will reduce the RPO and RTO from days to hours.
saving: you can save a lot by having your recovery in the cloud itself, as cloud storage is very cost effective; on top of that, implementing a DR plan there will be more cost effective.
putting your disaster recovery site in the cloud allows for a lot of flexibility, so increasing or decreasing the storage capacity as your business demands will be easier than with traditional backup.
having a cloud based disaster recovery plan is quite secure with the right
provider. If you place your production site hosted with one cloud service
provider, it would be smart to host your recovery site with the same provider.
server backup: the reason that disaster recovery in
the cloud is a better option is because you can quickly create a backup of your
entire server. With virtualization, you can take a server, including the
operating systems, applications, patches and data into a single software bundle
or virtual server.
Risk management and compliance issues must be discussed and well defined between the cloud provider and the customer, and they need to enable transparency while processes such as transactions, data retrieval and data storage are going on.
A disaster recovery plan and business continuity policy help to recover from any disaster like data loss or
The mandatory deletion of data should be
a part of the regulation of cloud computing services.
The cloud computing provider should ensure data confidentiality. If the data goes into an attacker's hands it will cause a problem to the cloud provider and to the enterprise that was using the
The data transformation from the cloud
to the customer/client should be protected to ensure confidentiality,
integrity, authentication control and further to minimize the Denial of Service
The cloud provider should notify how the
information leakage control is managed.
Non-professionals should be educated about new versions, and professionals should be skilled to understand the new risks.
There are many new technologies coming in at a rapid rate, each with technological advancements and the potential to make human lives easier. However, every single person should be very careful to understand the risks and challenges posed. Cloud computing is not without risks and threats, but the truth remains that these risks are definitely manageable with some effort. Disaster recovery as a service is very helpful if a company's service goes down or there is any data loss: we can use this service with the cloud to get back to the original state after a disaster. One of the service providers is Microsoft Azure.