• Netenrich
  • /
  • ...
  • /
  • Fixing cloud data storage problems with Netenrich
Subscribe To Our Newsletter!

Stay up to date on the top trending threats as well as the top stories in Security, Networks, Cloud, IT Ops & AIOps.

Fixing cloud data storage problems with Netenrich

Fix all your cloud data storage problems by mitigating attacks like formjacking and cryptojacking with Netenrich ASI.

Rajarshi Mitra
Post by Rajarshi Mitra Aug 11, 2020

Cloud storage has changed the way companies conduct their operations. Services like Amazon S3 and Microsoft Azure’s Blob can now provide companies with near-infinite storage capabilities. Unfortunately, using these services also increases a company’s potential attack surface. An organization can lose millions of dollars because of a single misconfigured cloud workload or storage instance. In 2018 alone, a staggering 70 million records were stolen or leaked from poorly configured S3 buckets.

In this blog post, we will first understand the benefits of cloud storage and then see how Netenrich’s ASI (Attack Surface Intelligence) can help you track important leakages and misconfigurations.

The Benefits of Cloud Storage

Why have so many companies adopted cloud storage? Let’s understand the benefits of migrating to cloud storage.

Cloud Storage helps in Cost Cutting

The biggest benefit of cloud storage is that it helps in saving costs significantly. Moving to the cloud means that companies don’t need to buy:

  • Hard disks.
  • The enclosure containing the hard disks.
  • The RAID (redundant array of independent disks) cards.
  • Electricity to power the extra hardware.

Also, due to the lack of on-premise hardware, there isn’t any need to hire extra staff to take care of it.

Data Replication

Reputable cloud vendors keep multiple copies of the data with a single “datacenter.” This reduces any possible chance of accidental data loss. Some even offer the option of geographic replication where multiple copies of your data are available across different regions.

Data Tiering

Cloud storage doesn’t have a “one size fits all” policy. Vendors often offer different tiers of data storage. These tiers depend on how quickly and frequently you need to restore backups and how long you plan to keep your backups in storage.

The dangers of cloud data storage

As per Symantec’s Internet Security Threat Report, cloud resources have increasingly become rich sources of stolen data for identity thieves. Reportedly, a single misconfigured cloud workload or storage instance could cost a company millions of dollars. Let’s look at the two of the most infamous attacks made directly as a result of cloud storage misconfigurations:

  • In 2017, a ransomware attack was launched on MongoDB. Its contents were wiped out and the attacker demanded a ransom to restore them.
  • In 2018, more than 70 million records were stolen or leaked from poorly configured S3 buckers.

So, what are the most common ways that hackers can take advantage of cloud misconfigurations? According to reports, the most common forms of attack are:

  • Formjacking
  • Cryptojacking

Formjacking

Formjacking was the fastest-growing threat of 2018, according to Symantec. During this attack, an attacker will use malicious JavaScript code to steal credit card and other payment information from the checkout pages of eCommerce sites. As per reports, 4,818 unique websites got formjacked every month in 2018. A single credit card can fetch up to $45 in underground markets. However, sometimes just 10 stolen credit cards can yield up to $2.2 million per month.

Cryptojacking

In a cryptojacking attack, a hacker hijacks the processing power and cloud CPU usage from enterprises and users to mine for cryptocurrency. Cryptojacking attacks have been steadily on a rise on a year-to-year basis. As per IBM’s “X-Force Threat Intelligence Index 2019,” cryptojacking attacks went up by 450% over the course of 2018.

cloud-data-storage-problems

The reason for this is simple. As you can see in the chart above, after prices dipped in 2018, Bitcoin and the crypto market saw a resurgence in 2019. Interest in cryptojacking attacks has grown since mining has become even more profitable as prices increase. Cryptomining malware can steal enough resources from your organization to mine cryptocurrencies on their own. It does so stealthily, remaining undetected for as long as possible.

How Netenrich will Monitor your Cloud Infrastructure

At Netenrich, we thoroughly monitor our client’s network and datacenter, and cloud infrastructure without handicapping your systems with resource-intensive scans.

  • Our always-on ASI continuously investigates the client’s cloud for possible weaknesses and vulnerabilities.
  • Threat intel will cross-reference the data collected with all the intel it picks up from all over the web. Following that, our systems will be able to tell if a particular threat is potent enough to require instant remediation or not.
  • ASI analysts do a thorough web application testing of your website to make sure your website is not infected with malicious JavaScripts, preventing cryptojacking and formjacking attacks.

 

Rajarshi Mitra

About the Author

Rajarshi Mitra

Rajarshi is a creative and accomplished writer who made his mark in the blockchain space before stepping into cybersecurity. When he is not working, he is busy chilling with his wife and cat.

Subscribe To Our Newsletter!

The best source of information for Security, Networks, Cloud, and ITOps best practices. Join us.

Thank you for subscribing!

Related Post

Jun 22 2021

Attack Surface Management during Mergers & Acquisitions

Empower your team to become more proactive and fix...

Read More
Dec 02 2020

OpsRamp Tackles Security From The Outside-In With ASI

Viswanatha Penmetsa shares practical security advi...

Read More
Nov 05 2020

Vulnerability Management: Part 3 – Attack Surface Management

Combine threat and attack surface intelligence to ...

Read More