posted by Fnord666 on Thursday September 26 2019, @05:55AM   Printer-friendly
from the it's-a-jungle-out-there dept.

Study: 60% of Major US Firms Have Been Hacked in Cloud

Hackers have penetrated cloud computing networks of some 60 percent of top US companies, with virtually all industry sectors hit, security researchers said Tuesday.

Researchers at the enterprise security firm Proofpoint said they detected over 15 million unauthorized login attempts to cloud computing networks of US Fortune 500 firms in the first six months of 2019, of which 400,000 were successful.

[...] In analyzing some 20 million user accounts in more than 1,000 cloud deployments, the study found 92 percent of the Fortune 500 companies surveyed were targeted by cyber attacks.

It found 60 percent of the companies had allowed attackers into their cloud networks and six percent had an unauthorized login to an executive account.

Log everything, identify aberrations, and act quickly.


  • (Score: 5, Insightful) by Bot on Thursday September 26 2019, @06:38AM (3 children)

    by Bot (3902) on Thursday September 26 2019, @06:38AM (#898997) Journal

    1. Cloud deployments are more standardized than the old hacked-together servers, which means they are easier to autoscan.
    2. For you the data might be trade secrets but for the cloud provider and its contract it is just data, and we'll be secured according to all the bureaucracy, as cheaply as possible.
    3. Leaving a server open or with a guessable password lets you claim you've been hacked, so it is the best way to deliver that data to the guy you sold it to in the black market.
    4. All companies employ qualified, eager techies that collect data and send them to their country of origin.

    --
    Account abandoned.
    • (Score: 3, Interesting) by jmichaelhudsondotnet on Thursday September 26 2019, @02:40PM (1 child)

      by jmichaelhudsondotnet (8122) on Thursday September 26 2019, @02:40PM (#899117) Journal

      Well said.

      Like I wrote in another comment, there are two extra layers in the cloud, one to surveil and sabotage data on the inside, and a second to aid in identification and encryption on the outside.

      1 hardware
      2 cloud software
      3 OS image, made by same people as 1 and 2
      4 application, often same, seldom auditable
      5 transmission, wires owned by same

      2.5, 3.5, 4.5 can be built into the cloud without you even seeing anything at all, it tricks anyone built on real wires and real hardware, completely. (With open source on your own hardware is a different story, of course, good luck keeping hardware secure without some real money though)

      There is no real security in any of these layers, you are just trusting these giant institutions which are essentially spies blowing each other at the top levels. I'm trying to think of a bigger mass delusion than the adoption of this cloud, but I can't. Maybe mass adoption of unsecurable transmitting microphones for personal communication, idk. It literally throws away the basic principles of security and replaces them with a sticker.

      Azure is literally operated by spies in a country with a vast history of stealing every piece of data it touches and you aren't supposed to notice this because of a Super Bowl ad or something. Your Windows 10 telemetry data is right there, if you're lucky they won't be keylogging you and analyzing your mic for password keystrokes.

      thesesystemsarefailing.net (especially the cloud though)

      • (Score: 3, Informative) by DannyB on Thursday September 26 2019, @06:14PM

        by DannyB (5839) on Thursday September 26 2019, @06:14PM (#899242) Journal

        One of those cloud layers contains Intel Management Engine.

        --
        If you eat an entire cake without cutting it, you technically only had one piece.
    • (Score: 2) by Rupert Pupnick on Thursday September 26 2019, @04:52PM

      by Rupert Pupnick (7277) on Thursday September 26 2019, @04:52PM (#899197) Journal

      Can't upmod your maxed out rating, so here: +1

  • (Score: 3, Interesting) by MostCynical on Thursday September 26 2019, @07:07AM (4 children)

    by MostCynical (2589) on Thursday September 26 2019, @07:07AM (#899011) Journal

    ...identify aberrations, and act quickly.

    "everyone else has been hacked but us! Quickly, turn off all the passwords"

    Cloud deployments are almost always scripted. By people who should know better, but aren't paid enough to delay the go-live..

    No one wants to sit and type passwords or manually load certificates, so they get scripted, too (or copied to another location the script can access.. and who wants to add another password process - it was moved onto the same server so they didn't have to type passwords).

    Then leave the scripts, passwords and certificates on the open web, either deliberately ("redeployment will be easier") or accidentally ("it's up! delivery bonus and outtahere")

    --
    "I guess once you start doubting, there's no end to it." -Batou, Ghost in the Shell: Stand Alone Complex
    • (Score: 5, Funny) by c0lo on Thursday September 26 2019, @07:56AM (3 children)

      by c0lo (156) on Thursday September 26 2019, @07:56AM (#899024) Journal

      Like the case for IoT, the S in the cloud stands for security.

      --
      https://www.youtube.com/watch?v=aoFiw2jMy-0
      • (Score: 2) by DannyB on Thursday September 26 2019, @01:52PM

        by DannyB (5839) on Thursday September 26 2019, @01:52PM (#899084) Journal

        The SH in IoT stands for Security Hardened.

        --
        If you eat an entire cake without cutting it, you technically only had one piece.
      • (Score: 3, Insightful) by progo on Thursday September 26 2019, @03:33PM (1 child)

        by progo (6356) on Thursday September 26 2019, @03:33PM (#899160) Homepage

        The 'o' in cloud stands for the many onerous security theater steps I have to go through in my job to get anything done.

        No one knows how to just secure a resource behind SSH.

        • (Score: 2) by DannyB on Thursday September 26 2019, @06:15PM

          by DannyB (5839) on Thursday September 26 2019, @06:15PM (#899245) Journal

          That would work if nobody could ever access that resource over SSH.

          --
          If you eat an entire cake without cutting it, you technically only had one piece.
  • (Score: 2) by nobu_the_bard on Thursday September 26 2019, @08:41PM

    by nobu_the_bard (6373) on Thursday September 26 2019, @08:41PM (#899298)

    Title should be
    "Study: 60% of Major US Firms Have Been Hacked in Cloud That We Know About"

    First line should be
    "Researchers suspect it's more like 99.99% but 20% of firms are so penetrated they're actually complicit and the rest are too clueless to have noticed. Most likely the only unhacked hosted content ever created continues to be http://zombo.com/"
