Attacks on cloud accounts increased a shocking 630% in 2020. Why so high? There are several converging factors.
One reason cloud account hacks, also known as “cloud jacking,” are so high is because of the disruption of the pandemic. Many companies were quickly adopting new cloud solutions to facilitate remote teams. This left a security gap where remote workers and new cloud tools weren’t properly secured.
It’s estimated that 20% of organizations have reported a security breach due to a remote worker since the pandemic began.
Another reason for the rise in cloud jacking is that cloud use and cloud attacks have already been on an upward trajectory even before the pandemic started.
Hackers are naturally going to go where the data is and companies have been moving their data to the cloud in large numbers for a decade or more since it became a viable option for business workflows.
Why Should You Worry About Cloud Jacking?
One of the most famous recent cloud jacking incidents happened to Colonial Pipeline. A ransomware attack that shut the pipeline down for six days, caused widespread gasoline shortages and increased the cost of a gallon of gas nationwide.
All that damage was caused by a cloud jacking incident. The company had an unused VPN (virtual private network) account that was never closed (Mistake #1), and it was also not protected with multi-factor authentication (Mistake #2). That was all hackers needed to breach the account, and release ransomware throughout the company’s network.
The types of attacks that can occur with cloud jacking are widespread. Here are some of the most common:
- Infecting cloud storage, syncing computers, and a company network with ransomware or other malware
- Stealing personal data on employees, customers, or vendors to sell on the Dark Web
- Using the company’s email domain to send phishing and spam
- Stealing documents on a cloud storage account
- Accessing any stored banking or credit card details
- Changing account security settings
- Adding or removing account users
- And more
Cloud jacking can result in a major breach that puts a company out of commission for days, just like it did with Colonial Pipeline.
Tips for Protecting Your Cloud Accounts from Being Compromised
Enable Multi-Factor Authentication on All Accounts
Enabling multi-factor authentication (MFA) can dramatically reduce the potential for cloud account breaches. But many companies don’t take this simple step.
All it requires is for a user to enter the device information (such as a mobile number) for receiving the MFA code, then upon login, they are sent a time-sensitive code to input along with their login credentials.
You can use a single sign-on (SSO) application to reduce the number of separate apps that employees need to log into with MFA each day.
Get Help Configuring Cloud Settings
Do you leave your cloud app security settings at the default? Then you could be one of the many companies suffering from misconfiguration, which is the main cause of cloud account breaches.
SaaS providers provide higher-level settings than are typically defaulted, but it’s up to the users to put them into place. Most users don’t fully understand them or what they should do to configure account security.
Get help from an IT pro, like Quantum. We can ensure that all your cloud accounts are secured and are using the most appropriate settings for your needs and account protection.
Use a Cloud Access Security Tool
Employees use so many different cloud accounts that it’s often hard for companies to keep track of them all, much less properly secure them. The use of a cloud access security tool (like Microsoft Cloud App Security) can streamline the process.
Some of the advantages of this type of tool are:
- Applies consistent security policies across all cloud apps
- Can restrict device access to apps
- Tracks and monitors app access to detect unauthorized login attempts
- Can detect the use of shadow IT (apps users are using for work that you don’t know about)
- Can provide guidance on any security or compliance issues a new cloud tool might have
Conduct Ongoing Employee Cybersecurity Training
Cloud jacking is mainly done through the use of compromised user credentials, so it’s important to conduct ongoing cybersecurity training on phishing and password security.
Users should be aware of phishing emails designed to take them to spoofed login pages and steal their credentials.
They also need to be using password best practices, which include:
- Use of strong passwords
- Not reusing passwords across multiple applications
- Not sharing passwords
- Not storing passwords in an insecure manner
The use of a password manager can help improve the strength of user passwords and reduce the risk of a breach.
How Secure Are Your Cloud Accounts Right Now?
Quantum PC Services can help your Sturgeon Bay area business review your cloud application security settings and make recommendations to reduce your risk of a breach.
Contact us today to learn more! Call 920-256-1214 or reach us online.