Almost every action in the modern world has an electronic footprint. Technological development provides more opportunities and conveniences in the daily activities of business and an average person. The cloud is increasingly being used to store sensitive data (banking information, card and bank account numbers, medical records, personally identifiable information (PII), phone number, address, etc.). On the one hand, this is very convenient, on the other hand, it increases the risk of information disclosure. There are many options for how cybercriminals obtain sensitive data. For example, an attack (a targeted attempt to cause damage through technical or social means), a hack (a type of attack using technical vulnerabilities to gain unauthorized access), a leak (caused by some act or omission of the party that owns the data).
However, there is a separate type of leaks – cloud leaks. This type is the cause of other larger and more dangerous cases of data disclosure. The cloud is part of the Internet and offers a separate private place to perform various business operations. A cloud leak occurs when cloud storage is not properly separated from the Internet.
A cloud data leak is a situation in which sensitive data stored in a private cloud is accidentally leaked onto the Internet. A mistake simplicity is incommensurable with consequences scale. There are many benefits to using the cloud or partnering with vendors that use it. However, it is worth considering potential problems and risks. Cloud leaks are an operational issue that needs to be addressed within the IT processes that manage data processing in the cloud.
information that may be disclosed:
- Customer data. Each company requests and stores its own set of customer information. However, there are general parameters: identification information (name, address, phone number, email, password), activity information (order history, payments, usage details, interests, etc.), bank card information (card number, CVV, card expiration date, billing information);
- Company data. Internal communications (notes, letters, documents describing business operations, etc.), metrics (performance statistics, forecasts, reports, etc.), strategy (ideas and plans, development strategy, and other business information);
- Trade secret. The most dangerous type of information. Such information is often the target of industrial espionage. Trade secrets include plans, formulas, designs, information about existing and future products and services, code and software, patented technology, market strategies, contacts, etc.;
- Psychographic data (preferences, personality characteristics, demographics, messaging, etc.), behavioral data (for example, information about user behavior on the site), modeled data (for example, predictive data);
Goals of using disclosed data:
- Social engineering: disclosed information like psychographic data, behavioral analytics, personal data is especially conducive to social engineering attacks;
- Targeting: personally identifiable information can be used for fraud, as well as for disclosing a person’s information against his will (doxing);
- Influence: obtaining psychographic information provides almost limitless possibilities of use. The purpose of obtaining such data is to understand and predict the reaction of people to certain situations, events, products, etc. In politics, they use it to increase the number of votes, companies – to attract new customers;
- Disruption: cloud leaks harm business operations and the business as a whole;
Cloud leak prevention:
- Verification: verification of cloud storage configurations during deployment and during use;
- Automation: implementation of automated controls and configuration checks to speed up, avoid manual work and errors;
- Assessment and optimization of third-party risks: understanding the potential risks of cooperation with a third party, level security verification.