Top Threats to Cloud Security Include AI and New Methods: Report

Attackers will continue to develop increasingly sophisticated techniques, including the use of artificial intelligence, to exploit vulnerabilities in cloud environments.

This is the warning from the Cloud Security Alliance (CSA) in their new report — “Top Threats to Cloud Computing 2024” — which aims to raise awareness of cloud security threats, vulnerabilities, and risks.

In addition to presenting a list of the top 11 ongoing threats, the report also addressed some key trends that may shape the future of cloud computing. Among them, the CSA’s Top Threats Working Group observed a trend of increased attack sophistication.

In addition, the working group sees risk in the supply chain. The growing complexity of cloud ecosystems will expand the attack surface, driving organizations to extend security measures to their vendors and partners.

The top cloud security threats were chosen by the more than 500 security professionals who responded to the survey. Respondents graded each threat on a 10-point sliding scale; the scores were then totaled and averaged, and the threats are presented in rank order.

The CSA described each of the top 11 threats along with its potential impacts in technical, operational, financial, and reputational areas. The cloud security threats (with further detail here on the top five) are:

  1. Misconfiguration and inadequate change control. Misconfigurations involve improper setups of cloud assets, leaving them vulnerable to damage or malicious activity due to a lack of cloud knowledge, poor understanding of security settings, or nefarious intentions.
  2. Identity and Access Management (IAM). IAM ensures access to resources is granted only to authorized individuals after identity verification. However, its complexity and evolving cloud security threats present challenges, potentially introducing vulnerabilities if features such as user authentication, authorization, and single sign-on are not properly managed.
  3. Insecure interfaces and APIs. Application programming interfaces and user interfaces become vulnerable for various reasons, including inadequate authentication mechanisms, lack of encryption, improper session management, insufficient input validation, and outdated or unpatched software, among others.
  4. Inadequate selection/implementation of cloud security strategy. The absence of a cloud security strategy and architecture hampers the implementation of effective and efficient infrastructure security efforts and designs. Recurring security failures can be attributed to inadequate strategy and design, and result in various impacts, the report cautions.
  5. Insecure third-party resources. Third-party resources — such as externally written code, open-source libraries, SaaS products, and insecure interfaces and APIs — pose supply-chain vulnerabilities. Research from Colorado State University shows two-thirds of breaches result from supplier or third-party vulnerabilities. Cyberattacks can originate from any integrated component, even a single line of code.
  6. Insecure software development.
  7. Accidental cloud data disclosure.
  8. System vulnerabilities.
  9. Limited cloud visibility/observability.
  10. Unauthenticated resource sharing.
  11. Advanced persistent threats.

“It’s tempting to think that the reason the same issues have remained in the top spots since the report was last issued stems from a lack of progress in securing these features,” said Michael Roza, co-chair of CSA’s Top Threats Working Group and one of the cloud security threat report’s lead authors.

“The larger picture, however, speaks to the importance placed on these vulnerabilities by organizations and the degrees to which they are working to build ever more secure and resilient cloud environments.”

Cybersecurity continues to be a very hot issue, as evidenced by the news last month that Google is preparing to buy cybersecurity firm Wiz for $23B.
