The latest cloud security breaches show that we have miles to go as we keep fighting to keep our sensitive data safe.
2020 marked a record number of cyberattacks. Cloud-based services have been the most common target of such attacks.
According to the State of Cloud Security 2021 report [PDF], 36% of the companies surveyed confirmed they experienced cloud data leaks in 2020. An overwhelming 83% confirmed they believed their organization was likely to be the victim of a cybercrime.
What has changed since? Have businesses found new solutions to tackle the complex issue of ensuring cloud security?
Ever since the start of 2021, there have been various attacks on services that rely on a cloud. These breaches harmed both companies and users.
Let’s examine some of the latest cloud-based breaches, scratch the surface of cloud security and uncover the reasons as to why these attacks keep happening.
VIP Games cloud misconfiguration
Free gaming platform by the name of VIP Games was the victim of a cloud misconfiguration back in January 2021.
Because of the data breach, over 66,000 mobile and desktop users lost 23 million records that included sensitive data—passwords, Google IDs, email addresses, and more.
What can we learn from this attack?
Cloud misconfigurations are particularly sensitive because they have to be constantly monitored. This is the reason cloud attacks of this type are difficult to prevent and manage—and one of the main reasons why hackers target these glitches in the system.
Another reason cloud-based services are difficult to avoid is that cybercriminals are constantly getting better at detecting vulnerabilities in security systems.
From the aforementioned State of Cloud Security Report for 2021,
“The traditional approach involves picking an organization to target and then searching for vulnerabilities to exploit. With the cloud, malicious actors now use automation tools to scan the entire internet searching for cloud misconfigurations.”
Cybercriminals continually evolve and improve, which means that both cloud security services and hackers are in a constant race to find vulnerabilities before the other side does.
iCloud phishing scam
We recently covered the iCloud phishing scam that targeted young girls. The aftermath of this has resulted in 620,000 leaked photos of women.
A cybercriminal broke into 200 iCloud accounts after obtaining women’s ID and passwords posing as an Apple representative. He then shared sexually explicit content with others online.
What can we take away from this?
- Cybercriminals often use cloud attacks to target individuals and not the company itself.
- We are still learning how to recognize potential phishing emails and if someone is misrepresenting themselves. This is especially difficult with emails and phone calls that imitate authorities.
- People haven’t been deterred from using Apple products even though their iCloud has been vulnerable to cyberattacks in the past.
- What’s more, similar cybercrime that involved the leaking of sexually explicit celebrity images in the past also relied on vulnerabilities in their iCloud services.
Mimecast data breach
Mimecast is a company that provides cloud-based email software. In January 2021, the company reported that a threat actor got their clients’ digital certificates. Obtained data were used to breach clients’ Microsoft 365 accounts through Mimecast’s products.
Considering Microsoft caught the suspicious activity early, this cloud attack was mitigated, affected individuals were promptly contacted by Mimecast and given new certificates.
What can we learn from this cyberattack?
If this attack hadn’t been caught by Microsoft early, it would have been significantly more damaging. However, it’s concerning that hackers could access Microsoft accounts using Mimecast certificates at all.
The attack is a reminder that we should all be warier in which ways companies of the services we use can connect and impose on our infrastructures. This can be done by being aware of what they’re doing exactly and reflecting upon how much access they really need.
After signing up for a particular system or service, clients and customers shouldn’t have to risk the data available on other services.
In these examples cybercriminals intentionally target users of cloud-based services rather than damaging the company – but they do both in the process. Cloud security breaches are harmful to companies and individuals alike.
They can strip you of your identity, damage your finances and reputation and make you feel completely unsafe sharing any information online.
Additionally, they can damage the reputation of their targeted businesses as well as cause significant financial damage.
These attacks are happening daily, regardless of the best efforts of security companies who work tirelessly to prevent them from happening.
The reality is, it’s not likely we’ll weed out cybercrime once and for all.
Cybercriminals find new ways of getting into your online accounts and getting sensitive information they can use to harm you.
As businesses, what we can do is invest in better cyber security. As individuals, we can choose those companies that prioritize transparency and keeping their user’s data safe.