Project Description

📖 4 mins read

Will the security pitfalls of 2020 reshape cloud security in 2021?

As we approach the end of a rather unusual year, we can’t help but wonder, how will 2021 be for us all. 

With the way things are shaping up right now, it makes sense to reflect on the successes and mistakes of 2020 as we plan for 2021

That’s particularly important when you’re in charge of your organization’s cloud security and need to dedicate a big chunk of your time to what could happen — Focusing not only on the ‘now’, but also the ‘next’.

With lockdowns, stay at home orders and businesses going fully remote, cyberattacks have skyrocketed this year, preying on weak cloud security practices to launch repeated deadly attacks. 

If we look together at some of the most teachable cloud security moments of the year, we’ll note a number of key takeaways there that can help us ramp up our cloud security operations even more for 2021.

 

The Biggest Cloud Security Lessons of 2020

The Marriott Data Breach of Feb, 2020

Between January and February of 2021, Marriott suffered a massive cloud hacking incident that exposed the information of 5.2 million guests.

How it Happened?

Hackers used the login credentials of two employees at a franchise property to gain access. 

While we don’t know how they obtained these credentials, Credential stuffing and phishing are likely scenarios. Read more.

What we can learn?

  • Time to take user identity verification one step further via Zero Trust

2020 showed us why adopting constant user identity verification tools that rely on ‘biometric identification’, rather than username and password patterns alone, is important.

By making the identity verification process ‘continuous’ rather than a one-off event at sign in, this Zero trust mechanism massively helps at detecting imposters before they gain access to the more critical and sensitive resources.

New call-to-action
  • Always have an Incident Response Strategy ready

A strong incident response strategy outlines the steps that will be taken after an incident occurs. This helps mitigate any resulting reputational and data breach damages.

 

The ZOOM bombing and leaked passwords of April 2020

As Covid-19 abruptly sent much of the world into lockdowns, video conferencing has become the norm for most business meetings.

With that, platforms like Zoom suddenly boomed, becoming a ‘BIG’ target for hackers and cyberthieves. 

In April, Zoom discovered 500,000 stolen passwords sold for pennies in crime forums on the dark web. Not only that, but users have also reported repeated ‘’Zoom-bombing’’ incidents. Read more.

How it happened?

There are several cloud security aspects to consider here, however two consistent trends would be:

  • Users tend to reuse passwords for different services — which paves the way for password stuffing and stolen credentials.
  • Users share their meetings on social media sites such as Twitter. Whereby a simple search for “Zoom.us” on Twitter brings up multiple links to meetings, which anyone can then use to join.

What we can learn?

This takes us to an important question — How can we better secure our virtual meetings in 2021 as we continue to do things remotely?

  • Choose the right tool: Not all video conferencing tools are built the same. That’s why choosing the right tool for your enterprise must be based first on its privacy and cloud security capabilities.
  • Users should avoid sharing meeting details on social networking platforms or anywhere else online.
  • Users should avoid using the same password across multiple cloud accounts. Every service or tool should be assigned a unique password of its own.

 

The Biggest Twitter Hack of ALL

On the 15th of July Twitter was hit by one of the most brazen online attacks in history! 

Hackers were able to verify the Twitter accounts of high profile figures including, Barack Obama, Elon Musk, Joseph Biden Jr., Bill Gates, tweeting a bitcoin scam.

How it Happened?

Phone spear phishing — can you believe it? 

Surprisingly, the Big attack involved a very simple phishing technique. Twitter Employees received phone calls from hackers pretending to be an internal Twitter support service, tricking them into divulging login credentials. Read more.

After that, dozens of enterprises —including banks, cryptocurrency exchanges, and other financial firms—have also been targeted with the same hack.

What we can learn?

  • Phishing continues to pause real danger to businesses of all sizes. In fact, According to GetApp’s 2020 State of Data Security Report, “80% of employees report receiving phishing emails, compared to 73% in 2019, and employees are 15% more likely to click on a malicious link.” 
  • Raising employees’ phishing awareness, and adopting strong cloud security tools are both indispensable ways to combat phishing.

After the incident, Twitter announced how it has strengthened its internal security and invested in new tools and training for employees and contractors.

  • Don’t forget about your users’ email inboxes. The door from which most attackers try to sneak into your system. Make sure to use a good phishing incident response tool. 

New call-to-action

 

Amos’ Two Factor Authentication (2FA) Incident

And folks, it doesn’t just happen to big hotel chains and social media giants. SMBs are always a target too. 

While this incident didn’t receive the same global attention as the above incidents, it is quite an eye opener.

Last July, attackers managed to turn off 2FA for a company called Amos without actually going through the 2FA mechanism. 

How it happened?

Read more about it in our blog Attackers can now officially disable 2FA: How to outsmart them?

What we can learn?

  • Two-factor authentication remains an important security step and is certainly better than using username and password alone. 

However, as cybercriminals continue to figure out ways around traditional authentication methods, Multi-factor authentication (MFA) becomes the more popular cloud security choice. Especially for remote work security.

  • A Google account is a pretty high value target.

 If users use Chrome to remember passwords, and it’s encrypting these passwords with their default account password, then it’s possible for passwords.google.com to be a security vulnerability.

Learn more about the importance of Zero Trust for Remote Work Security here.

 

Not using the right Cloud security tool

And if there’s one BIG lesson we learned this year it’s the importance of deploying ‘the right’ cloud security tool

As we continue to conduct most of our work in the cloud, we need to know that our most sensitive resources, conversations and data are protected 24/7. 

That’s why choosing the right security tool for your cloud workspace is the new ‘ virtual security guard’ you need watching over your cloud security AT ALL TIMES.

That way, even if human error, insider or outsider attacks strike, you know that the most sensitive areas of your cloud environment are protected.  

Google Workspace Security

Well, that’s it from us today. We hope that you’ve found this blog piece insightful and wish you a happy and ‘safe’ new year! ?

Thanks for sharing and spreading the word!