
Cloud Vulnerabilities

Published On: Jan 5, 2020

Barbara M. Hunt

Founder and Chief Executive Officer

Steve Bay

(Founder and) Consultant on Identity Protection
Cloud Browser
Cloud Networking
Dark Web Access

Recent cyber activity now suggests that it isn’t just networks that are vulnerable to cyber attacks. A 2019 year-end article in the Wall Street Journal identifies Chinese cyber attackers that were found lingering in the cloud, collecting data.

https://www.wsj.com/articles/ghosts-in-the-clouds-inside-chinas-major-corporate-hack-11577729061

The attackers, dubbed APT10 by U.S. officials, seem to have infiltrated cloud networking services, gaining access to proprietary data, security clearance information, and even medical research. Even scarier, the attackers could still be lingering among cloud services, years after the first known attack in 2016.

“They came in through cloud service providers, where companies thought their data was safely stored.”

After accessing the cloud, APT10 has had the ability to “hop” from client to client gathering sensitive data, the report says. Officials say there is evidence of IP addresses pinging data back to APT10’s network between April and mid-November. The Cloud Hopper attack has affected companies and organizations ranging from IT giants Hewlett Packard Enterprise Co. and IBM, to the U.S. Justice Department and Navy.

“The hack illustrates a weakness at the heart of global business, with the biggest companies in the world increasingly storing their most sensitive data with cloud providers, also known as managed service providers, which have long touted their security.”

It is important to note that a cloud provider’s “proprietary data” includes its customer subscriber information. If this information is hacked, it helps the attackers identify and prioritize whose data might be of the most interest to steal. In some cases, it also narrows down the possible locations (data centers) where the data of interest is stored. While the attackers might be “hopping” between cloud locations and clients, the attack might not be random but rather a focused effort on high-value brand-identity targets that were registered in the cloud provider’s subscriber databases.

           How to help mitigate the APT problem?

  • Use a low-profile surrogate identity to subscribe for network services and especially for cloud hosting of your sensitive data.
  • Isolate and disguise your network within the overall cloud environment so that it is not as apparent to APTs that may be lying in wait.
  • Utilize more than one cloud to make it more difficult for an APT in one environment to “hop” and follow your activity.
  • Don’t be a static network. If you shift and move, APTs can’t easily map your location and then simply lie in wait to steal and collate your data.
  • Be proactive, not reactive. Disguise and protect your network before you become the target of an APT.

           “If they can’t find you…they can’t attack you.”


Steve Bay

(Founder and) Consultant on Identity Protection

Steve spent 30 years with the Central Intelligence Agency, primarily as an overseas field intelligence collector and then operations support manager. As a former practitioner in the use and acquisition of alternate identities, he provides thought leadership on operational threat assessments and identity protection implementation strategies.

2020
NetAbstraction