Download - Cloud Computing Security Breaches
-
8/11/2019 Cloud Computing Security Breaches
1/54
Presented By
Sahil
Cloud Security
By Sahil
-
8/11/2019 Cloud Computing Security Breaches
2/54
What is Cloud Security ?
Cloud security is an evolving sub-domain of
computer security, network security, and, more
broadly, information security. It refers to a broad set
of policies, technologies, and controls deployed to
protect data, applications, and the associatedinfrastructure of cloud computing.
-
8/11/2019 Cloud Computing Security Breaches
3/54
Security Issues in the Cloud
LossofControl Takebackcontrol
Dataandappsmaystillneedtobeonthecloud
Butcantheybemanagedinsomewaybytheconsumer?
Lackoftrust
Increasetrust(mechanisms)
Technology
Policy,regulation
Contracts(incentives):topicofafuturetalk
Multi-tenancy
Privatecloud
Takesawaythereasonstouseacloudinthefirstplace
Strongseparation
-
8/11/2019 Cloud Computing Security Breaches
4/54
Loss of Control in the Cloud
Consumerslossofcontrol Data,applications,resourcesarelocatedwithprovider
Useridentitymanagementishandledbythecloud
Useraccesscontrolrules,securitypoliciesandenforcementare
bythecloudprovider
Consumerreliesonprovidertoensure Datasecurityandprivacy
Resourceavailability
Monitoringandrepairingofservices/resources
-
8/11/2019 Cloud Computing Security Breaches
5/54
Example :
-
8/11/2019 Cloud Computing Security Breaches
6/54
Lack of Trust in the Cloud
Abriefdeviationfromthetalk
(Butstillrelated)
Trustingathirdpartyrequirestakingrisks
Definingtrustandrisk
Oppositesidesofthesamecoin(J.Camp)
Peopleonlytrustwhenitpays
Needfortrustarisesonlyinriskysituations
Defunctthirdpartymanagementschemes
Hardtobalancetrustandrisk
e.g.KeyEscrow(Clipperchip)
Isthecloudheadedtowardthesamepath?
-
8/11/2019 Cloud Computing Security Breaches
7/54
Multi-tenancy Issues in the Cloud
Conflictbetweentenantsopposinggoals Tenantsshareapoolofresourcesandhave
opposinggoals
Howdoesmulti-tenancydealwithconflictof
interest?
Cantenantsgetalongtogetherandplaynicely
? Iftheycant,canweisolatethem?
Howtoprovideseparationbetween
tenants?
-
8/11/2019 Cloud Computing Security Breaches
8/54
Principal security dangers to
cloud computing
-
8/11/2019 Cloud Computing Security Breaches
9/54
Principal security dangers
Loss of governance
Responsibility ambiguity
Isolation failure
Vendor lockin
Compliance and legal risks
Handling of security incidents
Management interface vulnerability
Data protection
Malicious behavior of insiders
Business failure of the provider
Service unavailability
Insecure or incomplete data deletion
-
8/11/2019 Cloud Computing Security Breaches
10/54
Mitigating Risk
Ensure effective governance, risk and compliance processes exist
Audit operational and business processes
Manage people, roles and identities
Ensure proper protection of data and information
Enforce privacy policies
Assess the security provisions for cloud applications
Ensure cloud networks and connections are secure
Evaluate security controls on physical infrastructure and facilities
Manage security terms in the cloud SLA
Understand the security requirements of the exit process
-
8/11/2019 Cloud Computing Security Breaches
11/54
Data corruption or loss
As more businesses move their operationsto the cloud and other virtual
environments, a new survey reveals some
of the pitfalls associated with storing
critical information there.
The survey revealed that 65 percent ofbusinesses and other organizations have
frequently lost data from a virtual
environment,
-
8/11/2019 Cloud Computing Security Breaches
12/54
Data corruption or loss
According to the survey, common causes ofdata loss from virtualized environments
include:
file system corruption
deleted virtual machines
internal virtual disk corruptionRAID and other storage
server hardware failures
deleted or corrupt files
-
8/11/2019 Cloud Computing Security Breaches
13/54
Cause of Data Failure
Top 5 causes of
data loss
Softwarefailure
Hardwarefailure
Humanerror
Employeetheft
Cybercrime
-
8/11/2019 Cloud Computing Security Breaches
14/54
Internel Security Breaches
-
8/11/2019 Cloud Computing Security Breaches
15/54
Risk Score
3
FactoidA Awareness
Category: People
Class: Training
Frequency: High
Impact: High
Vulnerability:
Inadequate user and Cloud servicer provider employee awareness training
on cyber and other security risks.
Threat Actors:
Cloud service provider employees and Cloud users (inadvertently).
Risk:
Poorly trained or unaware employees are less likely to detect and respond
to internal or external data security breaches or threats.
Key Controls:
Contractual terms that specify the training regime required, supported by
quality assurance and audit processes. Similar training must also occur in-
house at the users site.
Percentage of people surv
that the weather could af
25
Copyright The Risk Management Group, 2013
-
8/11/2019 Cloud Computing Security Breaches
16/54
Risk Score
3
FactoidE Cloud Provider Employees
Category: People
Class: Background Checks
Frequency: High
Impact: Medium
Vulnerability:
Because Cloud services are generally hosted overseas, the same employee
screening checks as those used at home may not be possible. In many
cases, they may not even be legal.
Threat Actors:
Foreign rogue employees and criminals or single issue extremists.
Risk:
Cloud service providers may be penetrated by threat actors intent in
accessing hosted data or subverting key systems.
Key Controls:
Prior investigation to short list Cloud providers and who can and do
conduct suitable pre-employment screening.
Percentage of businesses sta
awareness is a greater threaattacks by cyber criminals.
65
Copyright The Risk Management Group, 2013
-
8/11/2019 Cloud Computing Security Breaches
17/54
Risk Score
3
FactoidU User Account Management
Category: People
Class: User privileges
Frequency: High
Impact: Medium
Vulnerability:
A failure to amend users system privileges when they change roles or leave
the organisation.
Threat Actors:
Cloud service provider employees and sub-contractors.
Risk:
Users retain access rights after they are no longer required. Any resulting
abuses may be difficult to track.
Key Controls:
Close, automated liaison between HR and Security to ensure that all role
changes result in a review of user access rights plus regular audits of user
accounts and roles to verify appropriateness.
Percentage of UK residents e
companies or their employepersonal data without appro
97
Copyright The Risk Management Group, 2013
-
8/11/2019 Cloud Computing Security Breaches
18/54
Risk Score
3
FactoidRegulatory Non-compliance
Category: Applications
Class: Data Protection
Frequency: High
Impact: High
Vulnerability:
Data held or manipulated by third party service provider employees in
foreign jurisdictions may not be subject to the same level of protection as
that required of the data controller by the regulator in the home country or
that agreed with the Cloud host.
Threat Actors:
Cloud service provider third party employees.
Risk:
Data breaches occurring overseas can lead to regulatory sanctions locally.
Key Controls:
Contractual defences designed to mitigate the potential for regulatory
penalties in the data custodians home country.
Percentage of UK business u
spending on data security.
80%
R
Copyright The Risk Management Group, 2013
-
8/11/2019 Cloud Computing Security Breaches
19/54
Risk Score
3
FactoidC Data Classification Failures
Category: Applications
Class: Data Protection
Frequency: High
Impact: High
Vulnerability:
Poor processes for classifying data according to sensitivity and type can
lead to sensitive data being transported to Cloud storage inappropriately.
Threat Actors:
Employees and sub-contractors of the data controller.
Risk:
Data that should not be placed in Cloud storage is moved to remote
storage without the appropriate controls being implemented.
Key Controls:
A structured and audited data inventory and classification framework and
supporting processes. Regular ongoing Cloud storage inventory audits.
Percentage of businesses tha
data held on personal mobilCloud storage.
60
Copyright The Risk Management Group, 2013
-
8/11/2019 Cloud Computing Security Breaches
20/54
Risk Score
3
FactoidDs Denial of Service
Category: Applications
Class: Service disruption
Frequency: Low
Impact: Critical
Vulnerability:
The dependency of Cloud users on remote services means that attacks or
technical failures that disrupt Cloud-based services or applications can halt
local business operations.
Threat Actors:
DoS or DDoS attackers, Malware Devs, Cloud provider staff or contractors.
Risk:
Partial or complete loss of access to key systems. Possible business failures
and/or financial losses.
Key Controls:
Localiseddisaster recovery and backups. Cloud provider resilience. Cloud
risk audits. Data classification and segmentation.
The number of UK Internet
free Low Orbit Ion Cannon
over a period of just 3 days
34,0
Copyright The Risk Management Group, 2013
E i
-
8/11/2019 Cloud Computing Security Breaches
21/54
Risk Score
3
FactoidEc E-crime
Category: Applications
Class: e-Commerce Fraud
Frequency: High
Impact: Medium
Vulnerability:
E-Commerce platforms hosted in the Cloud are subject to attacks and
manipulation by internal and external fraudsters. Cloud service employees
with admin rights can potentially access sensitive payment data and
systems.
Threat Actors:
Cloud service employees, contractors, hackers, external fraudsters.
Risk:
Exposure and misuse of payment data or fraudulent payments for goods
and services via the payment platform.
Key Controls:
Payment Card Industry Data Security Standard (PCI DSS) controls & audits.
Cybercrime:
Espionage
Service denial
E-crime and cybercrime have
and effects. While they do o
primarily technical and e-crim
Copyright The Risk Management Group, 2013
Ri k SH j ki
-
8/11/2019 Cloud Computing Security Breaches
22/54
Risk Score
2
FactoidH Hyperjacking
Category: Applications
Class: Takeover
Frequency: Low
Impact: Critical
Vulnerability:
Insecure Hypervisor (supervisory) Cloud applications can theoretically be
taken over by malicious attackers.
Threat Actors:
hackers or rogue employees.
Risk:
Control over the Hypervisor application stack gives the attacker control
over hosted Cloud applications and services can be denied or data
exposed. Crypto-extortion attacks are also possible.
Key Controls:
Logical security of the Hypervisor stack, supported by audits and regular
penetration testing.
The Cloud is becoming incr
complex. Once fairly well de
hands are both adding new
Something-
Copyright The Risk Management Group, 2013
Ri k SM M l
-
8/11/2019 Cloud Computing Security Breaches
23/54
Risk Score
3
FactoidM Malware
Category: Applications
Class: Infections
Frequency: High
Impact: High
Vulnerability:
Like any other form of IT infrastructure, Cloud service platforms are
exposed to a wide range of malware infections, particularly if anti-malware
applications are not updated regularly.
Threat Actors:
Malware developers, Cloud users and hardware suppliers.
Risk:
Malware payloads can expose data, introduce persistent spyware, edit
operational parameters, facilitate account takeover or execute crypto-
extortion and logical denial of service attacks.
Key Controls:
Anti-malware applications from recognised suppliers, regularly updated.
90%
Percentage of mobile malwaaffecting the Android Operat
Image source: http://mashable.com/201
Copyright The Risk Management Group, 2013
Risk Score F t idS Unauthorised Systems Access
-
8/11/2019 Cloud Computing Security Breaches
24/54
Risk Score
2
FactoidSy Unauthorised Systems Access
Category: Applications
Class: Data Protection
Frequency: Low
Impact: High
Vulnerability:
Weak controls (e.g. poor or shared passwords) can lead to unauthorised
access to systems and data held in the Cloud.
Threat Actors:
hackers and data thieves, Cloud provider staff, joint Cloud tenants and sub-
contractors.
Risk:
Data is exposed, read, stolen, deleted or edited. Crypto-extortion attacks
may also result.
Key Controls:
Secure authentication, staff vetting, data encryption, key management,
contractual terms to establish liabilities and responsibilities, plus audits.
70%
Perc
that
are t
chall
Copyright The Risk Management Group, 2013
Risk Score Q tSc Side Channel Attacks
-
8/11/2019 Cloud Computing Security Breaches
25/54
Risk Score
2
QuoteSc Side Channel Attacks
Category: Applications
Class: Data Protection
Frequency: Low
Impact: High
Vulnerability:
Only demonstrated in the lab so far, this form of attack involves a joint
Cloud tenant sniffing the authentication session for another tenant and
then engineering an intrusion.
Threat Actors:
Malicious joint Cloud tenants.
Risk:
Data may be exposed or corrupted and account takeover or crypto-
extortion attacks may occur, leading also to regulatory exposure.
Key Controls:
Multi-factor authentication, encrypted channels, contractual rights to
exclude selected joint tenants or exclusive tenancy agreements.
Multi-tenant environment
requirements for each tena
make a multi-tenant cloud
compromise.
Hassan Takabi and James B.D Jos
Copyright The Risk Management Group, 2013
Risk Score FactoidSo Source Code
-
8/11/2019 Cloud Computing Security Breaches
26/54
Risk Score
3
FactoidSo Source Code
Category: Applications
Class: Intellectual Property
Frequency: Medium
Impact: High
Vulnerability:
Unrestricted access to application or object source code.
Threat Actors:
hackers, Cloud service provider employees, contractors.
Risk:
Theft of intellectual property or the manipulation of Cloud systems and
hosted code.
Key Controls:
Tight access restrictions to source code and the use of compiled (secure)
code that defies reverse engineering.
75%
Perce
who
stron
tech
host
Copyright The Risk Management Group, 2013
Risk Score FactoidSp Self Provisioning
-
8/11/2019 Cloud Computing Security Breaches
27/54
Risk Score
4
FactoidSp Self Provisioning
Category: Applications
Class: Data Protection
Frequency: High
Impact: Critical
Vulnerability:
Frustrated by traditional IT project timelines and controls, many employees
now provision their own departmental Cloud services and pay with a credit
card.
Threat Actors:
Well intentioned but impatient employees.
Risk:
Data is placed in Cloud storage without classification and approval and
outside the prescribed control framework. Unsuitable Cloud service
providers may be selected.
Key Controls:
Rules on self-provisioning. Regular audits and data inventory checks.
45%
Perc
repo
prov
for fu
Copyright The Risk Management Group, 2013
Risk Score FactoidD Device Risks
-
8/11/2019 Cloud Computing Security Breaches
28/54
3
FactoidD Device Risks
Category: Network
Class: Access Control
Frequency: High
Impact: High
Vulnerability:
A failure to identify personal mobile or portable devices being used for
business purposes (laptops, tablets, PDAs and mobile phones) which often
present a higher risk level than desktop devices.
Threat Actors:
Mobile device users with infected devices, device thieves, malware
developers, hackers.
Risk:
Mobile devices are more easily stolen and are increasingly likely to be
infected by malware.
Key Controls:
Segmentation of access rights by device and/or connection type.
70%
30%
The use of personal devices business-related use is rising
Copyright The Risk Management Group, 2013
Risk Score History lessonP Port Misuse
-
8/11/2019 Cloud Computing Security Breaches
29/54
3
History lessonP Port Misuse
Category: Network
Class: Access Control
Frequency: High
Impact: Medium
Vulnerability:
Weak access controls on configuration and diagnostic ports within the
Cloud environment.
Threat Actors:
hackers and script kiddies, fraudsters and data thieves.
Risk:
Weak control over equipment ports can open the Cloud environment up to
a wide range of data theft and takeover threats.
Key Controls:
Proper user account management and restricted access to key commands
and systems (Firewalls, super user and system admin rights, etc.) all
reinforced by a sound audit and penetration test regime.
Hacking into configuration
sector has been a long-sta
cost that industry hundred
fraud losses over the past
Copyright The Risk Management Group, 2013
Risk Score FactoidRy Remote Access
-
8/11/2019 Cloud Computing Security Breaches
30/54
3
Factoidy Remote Access
Category: Network
Class: Access Control
Frequency: High
Impact: High
Vulnerability:
Remote user access has not been subjected to enhanced levels of security.
Threat Actors:
hackers, script kiddies, rogue employees, data thieves and state actors.
Risk:
Insufficiently validated remote users are able to access sensitive systemsand data.
Key Controls:
Multi-factor authentication for remote users, supported by an audit and
penetration testing programme.
60%
The percentage of new vehicthat can remotely access Clo
Copyright The Risk Management Group, 2013
Risk Score FactoidSi Sniffing & Interception
-
8/11/2019 Cloud Computing Security Breaches
31/54
3
g p
Category: Network
Class: Data Interception
Frequency: Medium
Impact: High
22%
Perce
told
expe
in im
Vulnerability:
Unencrypted packets sent across the public Internet might be exposed to
interception.
Threat Actors:
hackers and state actors.
Risk:
Exposure of confidential data, session hijacking and man-in-the-middle
attacks.
Key Controls:
All sensitive data should be encrypted during transmission. Audits and
penetration tests should be used to validate the efficacy of this control.
Copyright The Risk Management Group, 2013
Risk Score FactoidId Insecure disposal
-
8/11/2019 Cloud Computing Security Breaches
32/54
4
p
Category: Platforms
Class: Data Protection
Frequency: High
Impact: Critical
Vulnerability:
Cloud service providers often change out hardware without notifying the
parties accountable for the data contained within them. If not
professionally disposed of, such equipment may still hold confidential data.
Threat Actors:
Agents of foreign states, data thieves, corporate spies.
Risk:
Forensic recovery of data held on disposed equipment by a third party.
Key Controls:
Contractual and audit procedures to ensure that the data controller is
given advance warning of all equipment swaps and that professional
disposal routines are adopted.
11%
Perc
surve
prefe
The m
Priva
Copyright The Risk Management Group, 2013
Risk Score FactoidIh Infected Hardware
-
8/11/2019 Cloud Computing Security Breaches
33/54
3
Category: Platforms
Class: Malware
Frequency: High
Impact: High
Vulnerability:
Grey market hardware and even some hardware from mainstream sources
have been proven to contain Spyware and other forms of APT malware,
apparently pre-installed at the point of manufacture.
Threat Actors:
Manufacturers, state sponsors, channel staff and engineers.
Risk:
Data exposure, crypto-extortion or denial of service attacks.
Key Controls:
Contractual terms that require the secure sourcing of Cloud service
hardware, along with a right to audit clause and a remote auditing
capability.
20%
Perce
alrea
when
Micr
Chine
Copyright The Risk Management Group, 2013
Risk Score FactoidPf Platform failures
-
8/11/2019 Cloud Computing Security Breaches
34/54
3
Category: Platforms
Class: Disaster Recovery
Frequency: Low
Impact: Critical
Vulnerability:
As with any IT system, Cloud platforms can fail and the data they contain
can be lost or damaged.
Threat Actors:
Malware developers or other attackers. Cloud service provider staff.
Risk:
Loss of data, corruption of data and loss of service.
Key Controls:
Disaster recovery and business continuity plans, including provisions for
local recovery infrastructure, must be implemented, audited and regularly
tested. Up-to-date anti-malware applications must also be installed.
66%
Perc
infor
com
infra
bigge
to Cl
Copyright The Risk Management Group, 2013
Risk Score FactoidPs Physical Security
-
8/11/2019 Cloud Computing Security Breaches
35/54
2
Category: Platforms
Class: Access Control
Frequency: Low
Impact: Medium
Vulnerability:
Smaller Cloud service providers might not be able to offer the required
standards of physical site security and access control that larger, more
expensive providers can put in place.
Threat Actors:
Intruders.
Risk:
Damage to or theft of hardware, data theft or exposure, data loss.
Key Controls:
Contractual definition of physical security and access control requirements,
confirmed by on-site audits and penetration tests.
99%
Perc
infor
playe
dete
deplo
Copyright The Risk Management Group, 2013
-
8/11/2019 Cloud Computing Security Breaches
36/54
Cloud Risks Threat Actors
Fa The Fraudster
-
8/11/2019 Cloud Computing Security Breaches
37/54
Typical motives
The goal of the
make a financia
loss through th
her motives are
either profit or Profile
The online fraudster comes in many forms,
including the old-fashioned financial
fraudster, the e-commerce fraudster, the
payment card fraudster, the mortgagefraudster, the insurance claim fraudster, and
those attempting to commit market abuse
or similar crimes. Indeed, there are any
number of fraudster profiles online, limited
only by the range of services, payment
mechanisms and business models on offer.
Copyright The Risk Management Group, 2013
Ha The Hacker
-
8/11/2019 Cloud Computing Security Breaches
38/54
Profile
The traditional hacker is a technical expert,
often renowned for his or her skill and
generally proud of it. The hacker specialises
in breaking into systems by breaching
security using high-tech methodologies. He
or she may view corporations and
governments with suspicion and will often
hold the opinion that software and data
should be free of charge and free to access
for all. Few in number, experts of this i lk
keep a low profile and use pseudonyms to
disguise their real identities.
Typical motives
The hackers motiv
define with confide
Hollywood stereot
people will come toHowever, those ha
apprehended in th
agreed to speak ab
often included the
challenge and a dis
drivers for their be
reputation is some
additional motive.
Copyright The Risk Management Group, 2013
Ht Hacktivists
-
8/11/2019 Cloud Computing Security Breaches
39/54
Profile
The Hacktivist is a politically or ideologically
motivated hacker who tends to focus his or
her activities on particular governments,
organisations or high-profile individuals.
The employees of target organisations are
often targeted as well.
Often less technically skilled than a true
hacker, the hacktivist makes up for this
deficiency through extensive use of social
engineering and espionage, sometimes
placing spies within the target organisation
as employees.
Typical motives
Motives include si
political beliefs, rel
environmental con
corporate profit-mbenefits cuts and r
been important inf
Some hacktivists a
engaged in warfare
rebellions, adding a
conventional milita
Copyright The Risk Management Group, 2013
Ma The Malware Developer
-
8/11/2019 Cloud Computing Security Breaches
40/54
Profile
The malware developer has a great d
common with the hacker and may ev
hacker in some cases, but his or her f
on building autonomous pieces of co
have the ability to disseminate them
and infect multiple systems beforeexecuting a variety of payloads.
Increasingly, malware developers are
working along commercial lines and
their skills and their code to generat
revenue. Malware may also be used
hackers to create entry points in targ
systems.
Typical motives
Early malware developers were often
motivated by a desire to demonstrate
security vulnerabilities in software or
organisations, but modern malware
developers appear to be motivated
primarily by profit.
Copyright The Risk Management Group, 2013
In The Corrupted Insider
-
8/11/2019 Cloud Computing Security Breaches
41/54
Profile
The Corrupted Insider begins his or heremployment in good faith but is either
tempted or subverted later on. They often
occupy a position of trust with access to
sensitive information or systems, which
makes them an ideal target for subversion.
Typical motives
Temptations often
combination of eit
opportunity. Typica
perceived need to
lifestyle or offers o
external attacker. I
also play an import
person to betray th
Copyright The Risk Management Group, 2013
Sk The Script Kiddie
-
8/11/2019 Cloud Computing Security Breaches
42/54
Profile
Far more common than the hacker is the script kiddie. Script kiddies lack the supreme
technical skills of hackers, but have sufficient skill and interest in the topic to be able to re
or view text and videos on hacking methods and to download and execute software scriptspecifically produced by hackers for them. Script kiddies, therefore, represent a channel t
market for hackers who wish to reduce their own risk or increase their scope by using a
multitude of less skilled hands. Many of the prominent denial of service attacks and code
injection attacks witnessed over the last two or three years were executed in large part by
script kiddies.
Typical motives
Because of their number, it is almost impossible to assign any
particular set of motives to this group, and they include single
issue extremists, bored teenagers, would be future hackers and
those with a grudge against a particular organisation or brand.
Se The Social Engineer
-
8/11/2019 Cloud Computing Security Breaches
43/54
Profile
The online social engineer is the Internet
version of the conman. He or she specialises in
understanding human behaviour and
psychology and in exploiting that to persuade
targets to either take or avoid specific actions,
often going against their better judgement.
Examples include persuading targets to disclose
personal data, bank account information, trade
or organisational secrets, and other confidential
information or opinions, as well as data
belonging to others.
Typical motives
Social engineer
number of reas
themselves, or
developers, Inte
fraudsters and
actor for whom
valuable as a so
areas or as a m
fraud.
Copyright The Risk Management Group, 2013
Se The Spammer
-
8/11/2019 Cloud Computing Security Breaches
44/54
Profile
The spammer is engaged in a commercial
activity which involves the distribution ofunsolicited messages by any available
electronic means in order to broadcast
advertising to a large target audience. In its
earliest manifestation, spam was typically
delivered via email, but as the technology
has evolved, the world has seen the
emergence of mobile phone spam, instant
message spam and more recently, social
media spam. Although organisations and
service providers have done a great deal tomanage the impact of spam on users and
consumers, spam remains a problem as it
uses up significant amounts of capacity in
the communications network, and at the
end of the day consumers still pay the cost
of this, though they may not be aware of
the fact.
Typical motives
Almost without
a pure profit mo
of denial of serv
have many of th
the difference b
tend to be direc
number of targe
to as many reci
Copyright The Risk Management Group, 2013
Se The Spy
-
8/11/2019 Cloud Computing Security Breaches
45/54
Profile
The online spy may be an agent of the state
or acting in the employ of a corporation. He
or she may also be part of a single issue,
organised crime or terrorist cell. Whatever
the nature of the organisation behind the
spy, the goals and methodologies of spies
are generally consistent; to gather secret
data for the purpose of creating business
intelligence, crime intelligence, military
intelligence or for cyber warfare planning.
This data may include competitive
information, customer data, pricing,
intellectual property, militarily dispositions,
information about Internet infrastructure
and systems, as well as state secrets. Spies
use many of the techniques described
above, including Internet investigations,
malware, hacking, social engineering, and
even fraud to achieve their ends.
Typical motives
A majority of online spies are believed to be
salaried individuals carrying out the
instructions of their employers, and in this
sense, their personal motives are largely
irrelevant. A minority of spies, for examplethose engaged in terrorism or in supporting
single issue extremists, may have purely
ideological motives for their actions.
Copyright The Risk Management Group, 2013
-
8/11/2019 Cloud Computing Security Breaches
46/54
Account Session Hijacking
-
8/11/2019 Cloud Computing Security Breaches
47/54
Hijacking
Session Hijacking, is when you take someones cookieand inje
your browser, letting you log in without the password.
In beginner terms: Session Hijackingis taking the persons uncode (cookie)stored in their browser while they are logged insomething (like GMail). If you have that code, you can put it in
own browser, and trick the system into thinking you are that uis a common method on how you can hack emails.
-
8/11/2019 Cloud Computing Security Breaches
48/54
Example
Cl d C S M d l
-
8/11/2019 Cloud Computing Security Breaches
49/54
Cloud Computing Security Models
There are a plethora of different reference
architectures, models and frameworks forCloud Computing. Which one should an
organization adopt? Of course theres no
straightforward answer to that question and
in this research note we provide guidance on
how to organize some of the best ideas that
are emerging in a practical structure thatshould stand the test of time.
Wh Cl S d h ?
-
8/11/2019 Cloud Computing Security Breaches
50/54
Who uses Clous Security and how ?
S it M d l
-
8/11/2019 Cloud Computing Security Breaches
51/54
Security Model
-
8/11/2019 Cloud Computing Security Breaches
52/54
-
8/11/2019 Cloud Computing Security Breaches
53/54
-
8/11/2019 Cloud Computing Security Breaches
54/54