In Wake of Target Breach, Firms Focus on Cloud Security

Posted by skyhighnetworks on March 19th, 2014

After a massive breach involving millions of customer credit cards, Target and the government are investigating what went wrong. What’s clear is that cyber criminals are using increasingly sophisticated attacks against valuable assets, and one of their main targets is the cloud. “As more companies store their data in the cloud, attackers are looking for one stop shopping for sensitive data,” according to Jason Ejuma, Director of Cybersecurity at Google.

When thousands of companies store data in one place, it makes an attractive target for criminals looking to amplify the rewards of a successful attack. Rather than just one company’s data, they now have access to thousands.

Cyber criminals are adapting their tactics to take advantage of the growth in cloud usage, leverage cloud security services for a variety of different types of attacks. Watering hole attacks take advantage of tracking services that track users as they surf the web to find vulnerabilities and plant malware. These tracking services offer no business value to the company being tracked, and are a security risk if left unmanaged. While the vector of attack is a website, the cloud is an integral part of way the attack works.

In some cases malware can be delivered directly from a cloud service. Open source code repositories are experiencing increases in malware being inserted into code that is then downloaded by unsuspecting developers with the risk of it making its way into their own company’s products and services. IT security teams need new tools and approaches to identify threats that exploit tracking services and open source code repositories so they can take appropriate steps to secure the organization and its data once a attack or malware infection has been identified.

The cloud can also be a vector of data theft. Malware can exfiltrate data from your company into a cloud service. For instance, using Skyhigh one company found a single IP address at the company sent over 100,000 tweets in a single day. Upon closer inspection, they found the computer was infected with malware that was exfiltration data 140 characters at a time. It can be difficult to separate typical activity, say a marketing team using Twitter, and a bot that is stealing valuable data. That’s where baselining and anomaly detection come into play. By developing behavioral baselines IT can quickly identify when a security breach occurs.

Employees are voting with their feet by choosing to adopt technology that helps them be more productive and grow the business. In a sense, they’re crowdsourcing the selection process for new technology and providing an enormous service to the IT department by selecting services that they will like to use. Instead of going through lengthy procurement processes that may end up selecting a technology that doesn’t work for the business, IT has an opportunity to partner with the business and enable and secure the cloud security services that are already in use.

Once companies have visibility into what cloud services are in use and the enterprise readiness of those services, they can then go and enable the ones that make sense. That can include consolidating multiple services onto 1-2 low risk services using enterprises licenses, which not only improves collaboration but also reduces cost with volume pricing. Companies are blocking fewer low risk cloud services and instead are embracing them. For instance, a company using 39 different file sharing services standardized on Box – and in doing so improved collaboration and reduced their overall risk and cost.

Author :
Skyhigh Networks, the Cloud Security Services company, enables companies to embrace Cloud Security Services with appropriate levels of security, compliance, and governance while lowering overall risk and cost. With customers in financial services, healthcare, high technology, media, manufacturing, and legal verticals, the company was a finalist for the RSA Conference 2013 Most Innovative Company award and was recently named a "Cool Vendor" by Gartner, Inc. Headquartered in Cupertino, Calif., Skyhigh Networks is led by an experienced team and is venture-backed by Greylock Partners and Sequoia Capital. For more information, visit us at http://www.skyhighnetworks.com or follow us on Twitter@skyhighnetworks.