Pages

Friday, October 21, 2016

Compromised Cloud Hosting Services

I was a longtime advocate against storing your data or images on the cloud servers due to several factors:

1. You don’t personally manage the cloud hosting and know nothing about how they are protected;
2. The world-wide hackers are very sophisticated on finding the holes in the security systems, and they have been successful in their attempts to break the security not only in the average-protected systems but also in the government and large corporations networks that have enough resources for protection;
3. When you use the local (at home) storage, perhaps if you are security-aware, you have protected home network and know what secures your PCs and storage;
4. Your home network is a very small target to distort money because the large companies will pay more and, therefore, are more desirable targets for hackers.

If you think that your stored in the cloud images or documents are not important and you don’t care if you lose them, think again.

The cloud storages and services serve thousands of people and companies, so you will become one of many victims who had to pay a ransom to the hackers because by compromising the cloud they can also gain an access to your home PC and cause you a major headache.

Recent news: Microsoft’s OneDrive for Business was recently exploited by cybercriminals.  Although it’s unclear how the accounts were compromised, this new series of hacks allows cybercriminals access to sensitive business information.  Cybersecurity experts advised businesses to take actions and secure their accounts.

Here are few suggestions:

1. Consider keeping your data and images locally instead of could-based. Yes, I know your arguments regarding free services and convenience to share the data. Still, it is a fact that cloud can be compromised.

2. Remember that the Facebook is also a cloud-based service. In addition, almost every smartphone application communicates thousand times per day with Amazon-based cloud storage (I have personally seen it on my smartphone when I have installed the software firewall on my Note IV).

3. Think about your home network as your asset and a part of your belonging (like furniture, electronics, clothe, and jewelry). Would you let anyone steel or damage it? You would probably install the home security sensors on every door and window.

4. Start with your home cable modem/router. Check with the vendor if the firmware of your router has the latest updates. Apply them as soon as possible.

5. Replace your passwords with passphrases.

6. Install software firewalls on each PC in addition to anti-malware software. Spend some time on reading the articles about the best protection software today. Replace your existing antimalware software if it is in the bottom of the list vs. competitors. I have recently replaced my Viper and even Avast (still not bad) with the licensed copy of Bitdefender (good for 3 computers).

7, Create regular user accounts on your PCs or laptops that have no administrator's privileges. Login with those new user names. Switch to Administrator's account only as needed.

You may want to spend time reading my article (March 2015) about protecting your home network and smartphone.

Now, read below the latest information (the most important statements from the article) about compromised cloud hosting services.


Homeland Security News Wire | October 19, 2016

A study of twenty major cloud hosting services has found that as many as 10 percent of the repositories hosted by them had been compromised — with several hundred of the “buckets” actively providing malware. Such bad content could be challenging to find, however, because it can be rapidly assembled from stored components that individually may not appear to be malicious.

In the cloud, malicious actors take advantage of how difficult it can be to scan so much storage. Operators of cloud hosting services may not have the resources to do the deep scans that may be necessary to find the Bars - and their monitoring of repositories may be limited by service-level agreements.


Overall, the researchers scanned more than 140,000 sites on twenty cloud hosting sites and found about 700 active repositories for malicious content. In total, about 10 percent of cloud repositories the team studied had been compromised in some way. The researchers notified the cloud hosting companies of their findings before publication of the study.

“It’s pervasive in the cloud,” said Beyah. “We found problems in every last one of the hosting services we studied. We believe this is a significant problem for the cloud hosting industry.”

In some cases, the bad actors simply opened an inexpensive account and began hosting their software. In other cases, the malicious content was hidden in the cloud-based domains of well-known brands. Intermingling the bad content with good content in the brand domains protected the malware from blacklisting of the domain.

Beyah and Liao saw a wide range of attacks in the cloud hosted repositories, ranging from phishing and common drive-by downloads to fake antivirus and computer update sites. “They can attack you directly from these buckets, or they can redirect you to other malicious buckets or a series of malicious buckets,” he said. “It can be difficult to see where the code is redirecting you.”


Tags: cloud hosting, hacking, compromised data, storage