Cloud Security Assessment

Why are businesses failing to protect cloud data?

  • Organizations are failing to protect sensitive data in the cloud. Businesses are taking advantage of the cloud, but not applying adequate security.
  • The challenge in addressing the threat of data loss and data leakage is that organizations opt to keep offline backups of data to reduce data loss, which eventually increases their exposure to data breaches.
Ecom Infotech

Understanding the Attack Scenario:

During an attack, an outside party attempts to flood an organization’s systems with a large number of connections to overwhelm them. Since the hackers can use programs or bots to generate numerous attacks, blocking just one IP address is not enough to keep the attack from shutting down a specific process.

There are three basic categories of attack:

  • Volume-based attacks, which use high traffic to inundate the network bandwidth
  • Protocol attacks, which focus on exploiting server resources
  • Application attacks, which focus on web applications and are considered the most sophisticated and serious type of attack

Studies agree that providers need more comprehensive cloud security measures to mitigate an attack, such as a DDoS incident. However, organizations should also be aware that the main purpose of an attack is not just to disrupt a system but to steal data as well.


Attacks on OSI Layers:

| OSI Layer | Protocol Data Unit (PDU) | Protocols | Examples of attacks at each level, considering OWASP risks | Potential Impact of an Attack |
|---|---|---|---|---|
| Application Layer | Data | Uses the protocols FTP, HTTP, POP3, & SMTP and uses Gateway as its device. | PDF GET requests, HTTP GET, HTTP POST, website forms (login, uploading photo/video, submitting feedback) | Reach resource limits of services; resource starvation |
| Presentation Layer | Data | Uses the protocols Compression & Encryption. | Malformed SSL requests: inspecting SSL encryption packets is resource-intensive. Attackers use SSL to tunnel HTTP attacks to target the server. | The affected systems could stop accepting SSL connections or automatically restart. |
| Session Layer | Data | Uses the protocols Logon/Logoff. | Telnet DDoS: the attacker exploits a flaw in Telnet server software running on the switch, rendering Telnet services unavailable. | Prevents administrators from performing switch management functions. |
| Transport Layer | Segment | Uses the protocols TCP & UDP. | SYN flood, Smurf attack | Reach bandwidth or connection limits of hosts or networking equipment. |
| Network Layer | Packet | Uses the protocols IP, ICMP, ARP, RARP, & RIP and uses Routers as its device. | ICMP flooding: a Layer 3 infrastructure DDoS attack method that uses ICMP messages to overload the targeted network's bandwidth. | It can affect available network bandwidth and impose extra load on the firewall. |
| Datalink Layer | Frame | Uses the protocols 802.3 & 802.5 and its devices are NICs, switches, bridges & WAPs. | MAC flooding: inundates the network switch with data packets. | Disrupts the usual sender-to-recipient flow of data, blasting across all ports. |
| Physical Layer | Bits | Uses the protocols 100Base-T & 1000Base-X and uses Hubs, patch panels, & RJ45 Jacks as devices. | Physical destruction, obstruction, manipulation, or malfunction of physical assets. | Physical assets will become unresponsive and may need to be repaired to increase availability. |

Areas covered by our Comprehensive Assessments for the Cloud:

The following are some of the security concerns we review during a Cloud Assessment:

  • Authentication, authorization, and identity management
  • Cloud networking
  • Cloud compute
  • Cloud storage
  • Configurations
  • Policies and procedures
  • Data backup and encryption

The methodology we use to develop and execute these reviews is an amalgam of techniques drawn from cloud service providers' best practices and security standards from reputable sources (including hardening guides such as the NIST Benchmarks). We periodically align our methodology to the compliance and regulatory standards that many organizations have to adhere to when implementing computing services.