December 13, 2023 By Ramandeep Kaur
Megha Sasidhar
5 min read

Cloud computing has become an integral part of IT infrastructure for businesses of all sizes, providing on-demand access to a wide range of services and resources. The evolution of cloud computing has been driven by the need for more efficient, scalable and cost-effective ways to deliver computing resources.

Cloud computing enables on-demand access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications and services) over the internet. Instead of owning and maintaining physical hardware and infrastructure, users can leverage cloud computing services provided by third-party providers.

Cloud service and deployment models

Cloud computing is commonly categorized into service and deployment models:

Service models

  1. Infrastructure as a Service (IaaS): Provides virtualized computing resources over the internet. Users can rent virtual machines and storage and networking components.
  2. Platform as a Service (PaaS): Offers a platform that includes tools and services for application development, testing and deployment. Users can focus on building applications without managing the underlying infrastructure.
  3. Software as a Service (SaaS): Delivers software applications over the internet on a subscription basis. Users access the software through a web browser without worrying about installation or maintenance.

Deployment models

  1. Public cloud: A third-party cloud service provider owns and operates resources and makes them available to the general public. Some providers include Amazon Web Services (AWS), Microsoft Azure and Google Cloud Platform.
  2. Private cloud: A single organization exclusively uses resources. Either the organization or a third-party provider can manage the infrastructure, which can be located on-premises or off-site.
  3. Hybrid cloud: Combines public and private cloud models to allow data and applications to be shared between them. This provides greater flexibility and optimization of existing resources and infrastructure.

4 common cloud attack scenarios

Unfortunately, every rapidly growing industry attracts not only enthusiastic entrepreneurs but also malicious actors whose goal is to take advantage of any security holes that would be unable to defend against various attacks. Here are some examples of common attack scenarios in the cloud.

1. DDoS attacks

A distributed denial of service (DDoS) attack occurs when a web application is overloaded with a high volume of traffic. DDoS protection services, like AWS Shield, can mitigate such attacks.

AWS Shield uses machine learning algorithms to analyze incoming traffic, identify patterns indicative of a DDoS attack and take action to stop the attack.

2. Data breaches

A data breach involves exploiting vulnerabilities to access and exfiltrate sensitive data. But regularly updating software, encrypting sensitive data, monitoring for unusual activity and building a good incident response can help prevent data breaches.

Below is an incident response example code (AWS Lambda for Incident Response) in Python (Boto3 is a Python software development kit [SDK] for AWS).

3. Man-in-the-middle attacks

A man-in-the-middle (MitM) attack occurs when communication between two parties is intercepted for malicious intent. The use of encryption (SSL/TLS) and implementing secure communication protocols can help prevent a MitM attack. Without encryption, data transmitted over the network can be intercepted.

The code below is an example of encrypting S3 Objects with AWS SDK for Python-Boto3.

4. Brute force attacks

A brute force attack is a hacking method that uses trial and error to crack passwords, login credentials and encryption keys. It is a simple yet reliable tactic for gaining unauthorized access to individual accounts and organizational systems and networks.

AWS CloudWatch Alarms can provide logging and monitoring services where repeated login attempts might go unnoticed.

Cloud configuration security best practices

Security in cloud computing involves implementing measures to protect data, applications and infrastructure in a cloud environment from potential threats. Here are some best practices in key areas of cloud configurations in AWS and Azure associated with securing cloud environments.

 AWS

 Identity and access management (IAM):

  • Use the principle of least privilege when assigning permissions to users, roles and groups
  • Regularly review and audit IAM policies to align with business requirements
  • Enable multi-factor authentication (MFA) for enhanced user authentication.

Example AWS IAM policy:

If IAM policies are not properly configured, an attacker might gain access to sensitive resources.

VPC (virtual private cloud) configuration:

  • Utilize separate subnets for public and private resources.

 Example code (AWS CloudFormation):

S3 Bucket Security:

  • Regularly audit and review access controls for S3 buckets
  • Enable versioning and logging to track changes and access to objects
  • Consider using S3 bucket policies to control access at the bucket level
  • Enforce server-side encryption for S3 buckets.

Example code (AWS CLI):

Azure

Azure role-based access control (RBAC):

  • Assign the principle of least privilege using Azure RBAC.

 Example code (Azure PowerShell):

Azure Blob storage security:

  • Enable Blob storage encryption.

 Example code (Azure PowerShell):

 Azure virtual network:

  • Implement network security groups (NSGs) for access control.

 Example code (Azure Resource Manager Template):

Keeping digital assets secure in the cloud

Securing cloud configurations is essential to safeguard digital assets and maintain a resilient cybersecurity posture. Organizations should focus on continuous monitoring, compliance checks and proactive incident response planning to address the dynamic nature of cyber threats in the cloud.

In addition, implementing the principles of least privilege, encryption, identity and access management and network security best practices not only protects the cloud environment against potential vulnerabilities but also contributes to a culture of security awareness and responsiveness within the organization.

As cloud computing continues to evolve, organizations should commit to staying ahead of emerging security challenges and adapting configurations to maintain a resilient and secure digital presence.

Not sure how to start? IBM Security has a range of cloud security services to protect your cloud environment.

More from Cloud Security

Cloud Threat Landscape Report: AI-generated attacks low for the cloud

2 min read - For the last couple of years, a lot of attention has been placed on the evolutionary state of artificial intelligence (AI) technology and its impact on cybersecurity. In many industries, the risks associated with AI-generated attacks are still present and concerning, especially with the global average of data breach costs increasing by 10% from last year.However, according to the most recent Cloud Threat Landscape Report released by IBM’s X-Force team, the near-term threat of an AI-generated attack targeting cloud computing…

Cloud threat report: Possible trend in cloud credential “oversaturation”

3 min read - For years now, the dark web has built and maintained its own evolving economy, supported by the acquisition and sales of stolen data, user login credentials and business IP. But much like any market today, the dark web economy is subject to supply and demand.A recent X-Force Cloud Threat Landscape Report has shed light on this fact, revealing a new trend in the average prices for stolen cloud access credentials. Since 2022, there has been a steady decrease in market…

Autonomous security for cloud in AWS: Harnessing the power of AI for a secure future

3 min read - As the digital world evolves, businesses increasingly rely on cloud solutions to store data, run operations and manage applications. However, with this growth comes the challenge of ensuring that cloud environments remain secure and compliant with ever-changing regulations. This is where the idea of autonomous security for cloud (ASC) comes into play.Security and compliance aren't just technical buzzwords; they are crucial for businesses of all sizes. With data breaches and cyber threats on the rise, having systems that ensure your…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today