Top Threat #8 to Cloud Computing: Accidental Cloud Data Disclosure
Published 11/13/2022
Written by the CSA Top Threats Working Group.
The CSA Top Threats to Cloud Computing Pandemic Eleven report aims to raise awareness of threats, vulnerabilities, and risks in the cloud. The latest report highlights the Pandemic Eleven top threats, in which the pandemic and the complexity of workloads, supply chains, and new technologies shifted the cloud security landscape.
This blog summarizes the eighth threat (of eleven) from the report: accidental cloud data disclosure. Learn more about threat #6 here and threat #7 here.
What Leads to Accidental Security Implications?
Although cloud adoption enables growth at a pace never seen before, the complexity of the shift to cloud, with diverse teams and business units, often leads to a lack of security governance and control. Increasing numbers of configurations for cloud resources in different CSPs make misconfigurations more common, and the lack of transparency and adequate network exposure can lead to unintentional data leaks.
Over 55% of companies have at least one database that is currently publicly exposed to the internet. Many of these use weak passwords or don’t require authentication, making them easy targets for attackers who continuously scan the internet looking for exposed databases. To prevent a breach, exposures must be fixed as soon as possible.
Business Impact
The ease of use of the cloud makes it extremely popular. However, this leads to some unfortunate business cost implications:
- Exposure of databases that contain sensitive customer data, employee information, and product data result in unexpected expenses to forensic teams, customer support, and compensation to affected customers.
- According to IBM Research in 2021, there are many indirect costs of data breaches. These include in-house investigation and communication, current customer loss, and future customer loss due to company reputation.
What Are the Key Takeaways?
Here are some key takeaways to consider to prevent unintentional data leaks:
- Review your PaaS databases, storage, and compute workloads hosting databases.
- Choose exposure engines that have full visibility of your cloud environment to identify any routing or network services that allow traffic to be exposed externally.
- Reduce access exposure by ensuring that databases implement least-privileged IAM policy, and assignments of this policy are controlled and monitored.
Example
In January 2021, a VIP Games cloud misconfiguration exposed 23 million records of over 60K users containing personal information such as emails, usernames, device details, IP addresses, and more. WizCase researchers found that this data was publicly accessible, and available to anyone without any gated protection. If the data had been viewed by attackers with malicious intent, it could have left users vulnerable to theft, fraud, and scamming.
Learn more about this threat and the other 10 top threats in our Top Threats to Cloud Computing Pandemic Eleven publication.
Related Articles:
CSA Community Spotlight: Nerding Out About Security with CISO Alexander Getsin
Published: 11/21/2024
Why Application-Specific Passwords are a Security Risk in Google Workspace
Published: 11/19/2024
Top Threat #5 - Third Party Tango: Dancing Around Insecure Resources
Published: 11/18/2024
Group-Based Permissions and IGA Shortcomings in the Cloud
Published: 11/18/2024