What can we learn from cloud security breaches?

Cloud Security Breaches

With the widespread shift toward cloud computing in recent years, organizations across every industry have had to rethink their data security strategies. While early concerns about the security of cloud platforms have been largely dispelled, there are some considerations that need to be addressed in order to protect cloud solutions and the data they store, process or access.

Stanford Advanced Computer Security Program Co-Director Neil Daswani recently led a webinar discussing the challenges associated with cloud security. The latest in a series of webinars covering data security, Director Daswani’s presentation highlighted some of the largest and most expensive cloud security breaches to date. Each of these security incidents offers learning opportunities for IT professionals who want to gain the knowledge and skills needed to protect today’s cloud environments.


Lax security settings left MongoDB open to attack

In late 2016 and early 2017, cybercriminals launched a massive campaign against Amazon Web Services users, targeting roughly 46,000 MongoDB databases. The perpetrators were able to gain full admin control over those databases, effectively holding them ransom until victims paid for their return.

An assessment of this security incident revealed that the underlying problem centered around AWS security settings. In many cases, users failed to properly configure their MongoDB implementations to prevent unauthorized access. If they had limited privileges and established secure defaults, it’s unlikely that malicious actors would have been able to gain admin access.

Director Daswani also noted that a more comprehensive data backup strategy could help minimize the impact of this type of breach by providing a clear pathway to retrieving inaccessible files, documents and records.
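As an added illustration (not material from the webinar), the following Python sketch audits a `mongod.conf` for the kind of lax settings described above. It assumes the relevant settings are MongoDB's `net.bindIp`, `net.bindIpAll` and `security.authorization` options, which the article does not name; both sample configs are constructed.

```python
import ipaddress

# Constructed sample configs (not from any real deployment).
EXPOSED_CONF = """\
net:
  port: 27017
  bindIp: 0.0.0.0   # every interface, no security section at all
"""
HARDENED_CONF = """\
net:
  bindIp: 127.0.0.1,10.0.1.15
security:
  authorization: enabled
"""

def parse_conf(text):
    """Parse the two-level 'section:' / '  key: value' subset of mongod.conf."""
    conf, section = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()
        if not line.strip():
            continue
        key, _, value = line.strip().partition(":")
        if not line.startswith((" ", "\t")):
            section = conf.setdefault(key, {})
        elif section is not None:
            section[key] = value.strip().strip("'\"")
    return conf

def audit(text):
    """List settings that would let an unauthenticated remote client connect."""
    conf, findings = parse_conf(text), []
    net, sec = conf.get("net", {}), conf.get("security", {})
    if sec.get("authorization", "disabled") != "enabled":
        findings.append("security.authorization is not enabled")
    if net.get("bindIpAll", "false") == "true":
        findings.append("net.bindIpAll is true")
    for addr in filter(None, (a.strip() for a in net.get("bindIp", "").split(","))):
        try:
            ip = ipaddress.ip_address(addr)
        except ValueError:
            continue  # hostnames and socket paths need manual review
        if ip.is_unspecified or not (ip.is_private or ip.is_loopback):
            findings.append(f"net.bindIp {addr} is not limited to private addresses")
    return findings

if __name__ == "__main__":
    for name, text in (("exposed", EXPOSED_CONF), ("hardened", HARDENED_CONF)):
        print(name, audit(text) or "no findings")
```

A clean result here covers only the database's own configuration; the cloud firewall or security group rules in front of the instance still need their own review.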

Firewall misconfiguration led to a major Capital One breach

The 2019 Capital One data breach was among the largest ever recorded in the United States, with a single hacker managing to steal roughly 100 million Social Security numbers. After the dust had settled, researchers determined that the incident cost Capital One more than $300 million to address and remediate.

The cause of this historically expensive data breach: a fairly simple firewall misconfiguration. Taking advantage of that vulnerability, the hacker conducted what is known as a server-side request forgery and gained the security credentials needed to access data stored on the company’s cloud platforms.

Compliance demands loom large over cloud solutions

Data privacy and security regulations have grown more complex over the past few years, making it even more difficult to manage cloud security requirements. The EU’s General Data Protection Regulation (GDPR), for instance, mandates that businesses storing or processing European consumer data put more stringent controls in place to track and maintain that information.

Many other governments and organizations have followed GDPR’s lead, establishing their own updated set of guidelines that include data breach response requirements. The California Consumer Privacy Act is among the most noteworthy examples in the U.S., with policies that closely align with the ones outlined by GDPR.

Among these new directives, data locality is arguably the most pressing issue that businesses need to address. Director Daswani highlighted a few different ways to manage those demands when using cloud solutions, including some commands specific to Google Cloud platforms.

In general, the cloud offers a number of opportunities to secure data and adhere to regulatory standards through its abundance of configurations. Understanding the best way to set up and manage cloud platforms will help IT teams protect organizational data and prevent a costly breach from occurring.

To learn more about recent cloud security breaches and the key lessons to take away from them, be sure to watch the full webinar. There are plenty of insights to be gleaned from Director Daswani’s presentation, from ways to protect AWS S3 buckets to compliance best practices.


If you’re ready to take the next step in your cyber security career or simply want to learn how to protect your organization against a cyber attack, consider earning a certificate from Stanford’s Advanced Computer Security Program. The online courses provide the freedom and flexibility to learn at your own pace and wrap a world-class education around any schedule. Enroll today to start honing your cyber security skills to address the latest threats and challenges.