The cybersecurity industry has long focused on email as a primary vector of network intrusion, with businesses and consumers often reminded of the importance of password managers and 2-factor authentication to thwart potential bad guys. But with cloud-based apps finding greater prominence in recent years, more and more malicious actors have exploited flaws in those platforms and services, leading to a rise in ransomware attacks and database leaks.
Here’s what you need to know about cloud platform threats and how to protect yourself and your organization.
Easy-to-use cloud apps can create vulnerabilities
Many cloud-based apps are designed with ease of use in mind. This makes them well suited for businesses of all sizes, including those that have embraced remote and hybrid work environments. Some of the most popular cloud services in the enterprise space are communication platforms such as Slack, Zoom, and Microsoft Teams. But for hackers, baked-in simplicity can also look like opportunity.
A recent study by researchers from the University of Wisconsin-Madison has uncovered weaknesses in Slack, Zoom, and Teams that are directly linked to their user-friendly design. The report explains that some default settings are essentially all-or-nothing permissions, which, if manipulated in the right way, can provide a real advantage to hackers. The researchers note it’s possible for bad guys to communicate directly with employees, access private channels, and even intercept data from third-party apps.
Blind spots in cloud platforms are not just hypothetical. In 2021, security researchers uncovered a flaw in Zoom that could let a hacker remotely take over a user’s Mac, and earlier this year Rockstar Games suffered a major breach which reportedly emanated from Slack.
The bigger the company, the bigger the target
Cloud-based services have become so ubiquitous that businesses of all sizes rely upon them. From blue chip companies to startups and mom-and-pop outfits, such apps and platforms underpin countless operations. And while any organization can find itself the target of hackers, when it comes to ransomware, some of the most well-known corporations can present a tantalizing prize for nefarious figures.
Security expert Jack Rhysider noted on a recent episode of his Darknet Diaries podcast that, because publicly traded companies have to disclose their earnings each quarter, it can make them a target for hackers. Simply put, the more a company has in its coffers, the more likely it is to pay out a steep ransom.
In 2021, the LockBit ransomware group broke into the internal network of cloud-based business services company Accenture. The hackers reportedly stole six terabytes of information and demanded a $50 million ransom from the organization.
Accenture restored its systems from backup and claimed that the malicious actors did not get access to any client data. The LockBit team disputed that characterization, claiming to have used Accenture’s software to carry out secondary attacks against an airport and multiple airlines.
iThreat’s SignalAlert protects against the fallout of cloud breaches
Despite the challenges, cloud apps are here to stay. According to some projections, global internet-based infrastructure will continue to grow over the next decade. But just as the proliferation of email led to an influx of scams and hacks, the cloud industry will continue to attract nefarious actors looking for fresh exploits.
From fake cloud app login pages to chat platforms becoming avenues for social engineering, organizations are facing an enormous challenge in defending their operations. Fortunately, iThreat has your back.
iThreat’s SignalAlert was built to probe the internet, searching in real time for proprietary information that shouldn’t be in public. By hunting across the web, from social media platforms to dark web criminal forums and more, SignalAlert can gather intelligence about what is being said and by whom. And should the worst happen, iThreat is there to help, providing investigative support, advising on take-down practices, and more.
iThreat has been in the cyberthreat industry for some 25 years, working with hundreds of companies to undo the work of cyber crooks. From phishing scams and ransomware attacks to malware-enabled botnets, we’ve been there, helping organizations regain control. And as the future evolves, we’ll still be there watching the bad guys on your behalf.