22/12/2016
By Marcio Kanamaru, General Director of Intel Security in Brazil
Increasingly, trust in the cloud is increasing, companies are opting for these services due to greater flexibility and attractive cost. Currently, we can no longer consider whether a company should migrate its processes to the cloud (whether public, private or hybrid), the question is when this will happen, because the path is inevitable. With the growing volume of sensitive data and connected devices, it is normal for this movement to also attract the attention of cybercriminals.
McAfee Labs recently released a report on cyber threats that are likely to emerge or worsen in the coming years, and noted that with the increased adoption of public and private cloud services, credentials and authentication systems will continue to be a vulnerable point and interesting for attackers.
Certainly, cybercriminals will try very hard to steal credentials, especially administrator credentials, as these provide broader access. Other vulnerabilities that can be exploited will be the breaches of coverage between layers of services in the cloud. It can happen that organizations do not adopt clear policies regarding the division of responsibilities of each layer between cloud providers and themselves, leaving potentially exploitable gaps in security.
The Internet of Things, the number and variety of devices with traffic in the cloud will also increase vulnerabilities, attackers will be able to use these devices as input to carry out other attacks. And following the criminal modality that worked with ransomware, they can use denial-of-service attacks to ask companies for ransom, interrupting access to the cloud and requesting the payment of a ransom to restore access to data.
On the other hand, the rise in threats will require effective responses from cloud providers and security providers in terms of services and technology to mitigate criminal action.
In technology, we can say without a doubt that in the coming years authentication systems will be improved, passwords will be replaced by biometrics, multi-level authentication and behavioral analysis. Automated platforms that simplify security controls in the cloud and rely less on the user should become the focus of manufacturers, not least because the scarcity of qualified professionals to handle so many security tools will also be a challenge in the future.
Cloud access security agents (Cloud Access Security Broker or CASB) are a good way to formulate and enforce policies, but they do not solve the fundamental problem of authentication. As CASBs mature, they must integrate with other security systems to decide which data in the cloud needs to be protected and how, offering more security, visibility and control.
The cloud service providers themselves will now offer additional additional protections for data stored, processed or transiting their systems; cryptography, services, health checks, real-time monitoring and improved data loss prevention techniques are some examples.
Despite this move to the cloud, most companies should not completely renounce private processing and storage capabilities, and should keep some of the fundamental business data and intellectual property at hand.
The advancement of cybercrime in the cloud will intensify efforts by security solution providers to create even better products. We will see the continued development of sophisticated tools, integrated solutions and automated platforms, capable of diagnosing and resolving incidents quickly.
EN 
PT 
