February 25, 2016

Lessons Learned From Recent Cloud Security Debacles

By Cloud Syndicate

Recent Cloud Security Debacles

Just as cloud computing is on the rise, so are cloud security threats, and they should be on the top priority list of every organization that has embraced cloud-based services. Incidents of cybercrime are being reported quite frequently, but the majority of them are not being reported at all.

Many organizations choose to deal with cyber-attacks on their own, without notifying proper authorities, let alone their customers, about their private information being encrypted or stolen. Such a terrible mistake could cost them their business, but the main reason for those kinds of incidents happening in the first place is that those businesses fail to address the issue of security flaws and fix them immediately.

There were incidents concerning cloud security quite recently, so let’s take a look at what happened and what you can do to prevent the same thing from happening to you and your organization.

The Asus Debacle

security-breach

Asus put hundreds of thousands of its customers at risk by offering them cloud computing services that had very serious security flaws in their routers, which they failed to fix in a timely manner. They failed to take certain steps towards securing the software in the routers, resulting in thousands of storage devices of their customers being compromised and their personal information being exposed.

Their routers supposedly had security features that could “protect computers from any unauthorized access, hacking, and virus attacks”, but that evidently wasn’t the case. Those routers had major security flaws that Asus didn’t fix and that put all of their customers at risk, especially by failing to notify them about it.

Asus settled an FTC complaint about failing to take security measures to fix the problem and protect its customers’ personal information. The settlement requires Asus to establish and maintain a security program subject to independent audits for the next 20 years.

The Los Angeles Hospital Ransomware Debacle

Hollywood Presbyterian Medical Center in Los Angeles was yet another victim of cybercrime recently. Their computer systems were locked due to Ransomware, a malicious software often in the form of an e-mail that seems legitimate, that hackers use to literally lock computers and encrypt the data.

Naturally, they request a considerable amount of money to be paid in order for the victims of the attack to retrieve their data. Ransomware is becoming one of the most serious cybersecurity threats nowadays and the worst part about it is that, when you fall prey to such an attack, you have no other choice but to pay the hackers. There is often a limited time for doing so, before you permanently lose access to your data or the data becomes public.

That is what the aforementioned hospital did, paying a $17000 ransom to unlock their computers and get back the encrypted medical records of its patients.

What Can Be Learned from These Cyber-Attacks?

8CyberSecurity(FP)

These incidents often happen because not much, if any, attention is being paid to cybersecurity training and the IT staff is underfunded, resulting in many organizations being quite easy targets to cyber-attacks. Every business must address any potential security flaw and fix it quickly in order to prevent data breaches and loss of any sensitive data.

The best way of effectively accomplishing that have always been, and will remain, regular data backups. The encryption of data is also of crucial importance, as well as not allowing the account credentials to be shared between users and services, which is done by implementing two-factor authentication techniques.

In order to prevent cybersecurity crimes, organizations should also implement advanced security tactics, such as micro-segmentation. Micro-segmentation technologies provide security inside data centers, focusing on the security of the workload. They should be top priority for every organization looking to lower the risk of data breaches and any form of cyber-attack that could put their business and their customers at risk.

You need to carefully plan your cloud security approach, and one way to do that is to provide security as a set of on-demand, scalable services.

Cybersecurity threats are the most talked-about security issues nowadays and every business must be aware of the risks that cyber-attacks carry and the dire consequences they could face if they fall victims to hackers’ actions. Desperate times call for desperate measures, and the time for drastic security measures is now.

By Pavle Dinic

Cloud Syndicate

Welcome to the 'Cloud Syndicate,' a curated community featuring short-term guest contributors, curated resources, and syndication partners covering diverse technology topics. Connect your technology article or news feed to our syndication network for broader visibility. Explore the intersections of cloud computing, Big Data, and AI through insightful articles and engaging podcasts. Stay ahead in the dynamic world of technology with our platform for thought leadership and industry news.

Join us as we delve into the latest trends and innovations.

Innovative Solutions Ensuring Cybersecurity in Cloud-Native Deployments

Innovative Solutions Ensuring Cybersecurity The digital landscape is evolving at a breakneck pace, and organizations [...]
Read more

Data Security in the Cloud: 5 Critical Best Practices

What Is Data Security in the Cloud? Data security in the cloud refers to the [...]
Read more

5 Azure Cost Management Strategies

What Is Azure Cost Management? Azure cost management refers to the practices and processes that [...]
Read more
Srini Kalapala

Driving Growth: Srini Kalapala Discusses Verizon’s Network APIs

Welcome to our interview with Srini Kalapala, Senior VP of Technology and Product Development at [...]
Read more
Mariusz Michalowski

Streamlining Infrastructure Management with Terraform Automation

Streamlining Infrastructure Management The growth of cloud computing and infrastructure as code (IaC) practices has [...]
Read more
Stacey Farrar

Embracing Governance to Navigate 2024’s Tech Trends

Mastering Governance Strategies for Success The start of a new year is a fitting time [...]
Read more

SPONSOR PARTNER

Explore top-tier education with exclusive savings on online courses from MIT, Oxford, and Harvard through our e-learning sponsor. Elevate your career with world-class knowledge. Start now!
© 2024 CloudTweaks. All rights reserved.