5 Ways to Prevent Cloud Jacking of Your Online Accounts
Over the last 15 years, there’s been a major data and business process migration from computers and on-premises equipment to cloud environments. Companies are now using collaboration tools like Microsoft 365 and QuickBooks Online to make it easier to access data from anywhere. The scalability of the cloud also offers huge cost-saving benefits to companies over static software.
But working in the cloud isn’t without risk. All a hacker has to do is steal one user’s password and they have direct access to business data, email, sensitive files, and more.
The widely reported ransomware attack on the US-based Colonial Pipeline caused major disruption across a large portion of the country through gasoline shortages. It began with a compromised, unprotected cloud account that gave hackers a way into the network to deploy ransomware.
Cloud jacking, which is the takeover of a user’s cloud account, has been on the rise. According to McAfee, cloud account attacks were up 630% in 2020.
Cloud account takeovers can lead to major data loss, operational disruption, and data compromise. This is especially true if the account hacked is that of an account admin that has high-level privileges.
With most businesses from small to large now using the cloud for many of their business processes and data storage needs, it’s vital to employ a layered cloud security strategy that will keep all those accounts protected.
Cloud Protection Strategies You Should Be Using
Multi-Factor Authentication (MFA)
One of the most powerful tools in your cloud protection arsenal is multi-factor authentication. Requiring additional proof of user identity before a cloud account can be accessed may take a few extra seconds on the part of the user, but it stops approximately 99.9% of cloud jacking incidents.
Hackers have multiple ways they can get their hands on a user password, so while using strong passwords is important, it can’t always protect you. Hackers get user passwords through:
- Phishing and fake login forms
- Large retailer data breaches that expose millions of user logins
- Use of cracking software to hack weak passwords
- Spyware that seeks out unsecured lists of passwords on a user device
MFA stops the attacker from gaining access to a cloud account even if they have the password because it’s likely they will not have the physical device that receives the MFA code.
Virtual Private Network (VPN)
Users no longer are all logging in to cloud accounts from a single company Wi-Fi connection. Employees work from home using less secure home routers and often are on free public Wi-Fi when accessing work apps from mobile devices.
Unsecured networks put users at risk of a man-in-the-middle attack, where a hacker on the same network can spy on others’ sessions.
Having employees use a business VPN will help secure those cloud logins, thus keeping your accounts more secure. VPNs use encryption, which keeps hackers from being able to see things like password entry or the input of credit card details into an online form.
Have Your Security Properly Configured
One of the big enablers of cloud jacking is misconfiguration. This is when companies aren’t using adequate security settings in their cloud application.
SaaS providers don’t generally set accounts to their highest security settings; they leave it up to users to personalise their configurations to their needs.
This means your cloud accounts can be at risk of a breach if you haven’t had a professional go in and set up security policies and enable functions that keep your accounts better protected from attacks.
Use the Rule of Least Privilege
The Rule of Least Privilege states that you should only give your users the lowest level of privileges in a system that they need to perform their work. The more users you give elevated privileges to (such as the ability to add/remove users, access security settings, etc.), the more targets you give hackers that could do major damage.
One way to significantly reduce your risk of a high-privilege account being hacked is to use only a single dedicated admin account. You can set this up on Microsoft 365 without having to pay for an additional user.
Admins will then log into that one account when needed to perform admin duties, but their own accounts won’t have admin privileges. The dedicated account isn’t used for email or other tasks, making it more secure than a regular user account.
Provide Continuous Security & Phishing Awareness Training
Many phishing scams send users to fake login forms designed to steal their credentials to a cloud account. For example, an employee may see a clever phishing email that looks like it’s a colleague sharing a Google Drive file. They click the link, and it asks for their Google login and spoofs the interface they’re used to seeing.
As soon as they log in, the hacker now has their credentials, and an automated attack is unleashed in seconds before they can even try changing the password.
It’s important to foster a culture of cybersecurity through continuous user training on phishing and cybersecurity to help your staff avoid being fooled.
How Secure Are Your Cloud Accounts?
GKM2 can help your Sydney area business with a full review of your cloud security. We can provide configuration assistance and recommendations to keep you safe from an account takeover.
Contact us today to learn more. Call +61 2 9161 7171 or reach out online.