Glenn Gauvin

Is Your Data Naked in the Cloud?

Discussion created by Glenn Gauvin Employee on Oct 3, 2017

When you move computing resources and data to public clouds, security responsibilities become shared between you and your cloud provider. Unfortunately, the native security capabilities of cloud providers do not offer the same robust protections customers enjoy on their premises-based networks, leaving cloud environments exposed and unprotected.

 

Have a look at our latest White Paper Exposed and Unprotected in Cloud Environments: Why Modern Threat Prevention Security Needs to Be Part of Your Cloud Strategy (attached below) as it takes a look at real security challenges in the cloud.

 

Here are a couple snippets.

 

In the first 15 minutes of our analysis, we gathered the following statistics by our cloud honeypot:

• Ninety two (92) attacks are being recognized by Cowie
• One (1) attack is recognized by Dianoae
• Seven (7) attacks are being recognized by Honeytrap
• Forty nine (49) network based attacks are detected by the Open Source IDS Suricata

 

Within seven days of our service going live, we captured the following details:
• 3.97 Million ssh/telnet based attempts + malware uploaded to the cloud
• 826 attack attemps detected by Dionaea
• 9 attack attempts detected by the ElasticPot search engine
• 98 attempts detected by the web application honeypot Glastopf
• Almost 4900 attacks detected by Honeytrap

 

Our test simulated a typical cloud environment, i.e. what customers are likely to see in a similar span of time –
especially if they just utilize the native ACL filters available through their cloud provider. We can clearly see that cloud
assets are vulnerable to the same types of attacks targeting our premises-based networks, but the key difference is
that on-premises we deploy advanced security protections to safeguard our assets. We need to start doing the same
thing in the cloud.

Outcomes