Explore 12 Dark Sides of Cloud Security

The cloud is essentially a dark pool of computing power, and its mystery often makes us take it lightly, ignoring its little-known dark side.

The development prospects of cloud computing are unstoppable. As a service model that provides computing power, database storage, applications and other IT resources on demand through the Internet cloud service platform, whether you are running a photo sharing application with millions of mobile users, or for your business To provide support for key operations, the cloud service platform allows you to quickly access flexible and low-cost IT resources.



With cloud computing, you don't need to invest heavily in hardware first, and then spend a lot of time to maintain and manage these hardware. On the contrary, you can precisely configure the appropriate type and scale of computing resources needed to help operate your IT department. You can access as many resources as you need, basically real-time access, and you only need to pay for the actual usage.

However, the development of technology is often accompanied by double-sided effects. With the increasing popularity of cloud computing, malicious actors are also eyeing this "big cake", trying to use cloud computing vulnerabilities to carry out attacks.

Initially, for some basic reasons (including issues related to security and privacy), companies were wary and skeptical about migrating data and workloads to the cloud. Although at present, this early scruples and panic has turned into trust and dependence, but with the increasing dependence of enterprises on cloud services and the frequent occurrence of cloud security incidents at home and abroad in recent years, enterprises have begun to re-examine cloud security issues. .

The following are 12 dark sides of companies doing business in the cloud, hoping to help companies establish a correct view of security and maximize the benefits of cloud computing.

1. The same security vulnerabilities still exist

The cloud instance is actually running the same operating system as our desktop or stand-alone server. If there is a backdoor in Ubuntu 14 that allows attackers to break into the machines in your hardened server room, it is almost certain that the same backdoor will also allow attackers to break into the version of your server running in the cloud. Our favorite cloud instance is designed to be interchangeable with our private hardware. Unfortunately, the same vulnerability will also be replaced in the cloud.

2. You may not be sure what you got

When starting the cloud device, you clicked the Ubuntu 18.04 button or the FreeBSD button. But, are you sure you are running a standard distribution? A friend who works in a shared hardware hosting center claimed that his company inserted a secret account in its distribution and then intervened in the standard UNIX routines of ps and top to ensure Its activities are not visible. He said that the version with the backdoor was created with customers in mind, and everything is to improve the efficiency of customer service and system debugging. However, it is undeniable that this approach may also be used for malicious purposes.

Customers' trust in cloud computing service providers is unconditional, and we must firmly believe in their integrity and fairness. However, it is difficult for us to believe that all its employees are also undivided.

3. There are additional layers beyond your control

Cloud instances usually come with an additional software layer under the operating system, which is completely out of your control. You may have root access to the operating system, but you will not know what is going on below. This layer is mostly undocumented and can be used to perform any operation on the customer data stream.

4. Employees are not working for you

Cloud service providers like to boast that they can provide additional support and security teams for the security and stability of their cloud instances. Most companies are not large enough to support such teams, so cloud computing companies can easily solve problems that small companies cannot solve.

But there is a problem to be aware of, the team is not working for you. They will not report safety issues to you, and their career prospects have nothing to do with your business development plan. You may not know their name, and the only way to communicate is through a faceless ticket, provided that they have a reply. Maybe this is all you need, or you can put your hands together in prayer.

5. You don't know who is on your server

The huge economic advantage of cloud computing is that you can share the cost of operation and maintenance with others. But the price is that you will also lose complete control of the hardware. You don't know who you are sharing the same machine with-it may be some kind-hearted church nuns who are maintaining a database of parishioners, or it may be a mentally ill person. To make matters worse, he may be a thief trying to steal your secrets or funds.

6. Economies of scale are a double-edged sword

The absolute advantage of cloud computing is that economies of scale mean low costs, because cloud computing companies have a large number of racks and hardware. This helps reduce costs, but it also leads to simplification and makes the attack easier. One vulnerability found in one instance is enough to quickly cover thousands of similar instances.

7. The security trade-off will lead to increased costs

Cloud computing companies are already in trouble. They can defend against attacks such as branch prediction by turning off branch prediction, but this will slow everything down. So, are they willing to compromise to reduce performance? Are customers willing to accept such a service? I think the result is negative. In the cloud, slower machines have no price advantage.

8. Different companies have different security needs

You may need to do billions of dollars in banking. But not every customer needs to carry out the same business in the cloud, or have the same scale. In fact, one scale does not apply to all security businesses, but cloud computing companies belong to the commodity business. Do they have high goals and are committed to supporting critical applications? Or are they cutting corners to provide low-cost packages for non-critical applications? This question is not the right decision, because every customer is different, and in fact, customers are also different Demand. Even each microservice within each application is different.

9. Everything is opaque

The cloud is essentially a black pool of computing power, and this mystery often makes us fall into a mystery of confidence. If we don’t know where our chip is, then the attacker doesn’t know either. However, we just crossed our fingers and assumed that the attacker could not find a way to share our machines, because we ourselves did not know how the machines were allocated. But what if there are patterns that can be exploited? What if there are some secret loopholes that can be used to drastically change this possibility?

10. Attackers have the ability to control our resources

A key feature of cloud computing is that it can automatically upgrade and expand to match demand. If the number of access requests surges, cloud computing can start new instances to ensure performance. The trouble is, it is very easy to create false demands. An attacker can trigger one of your applications and launch new instances through thousands of quick visits. What if a cloud computing company launches new hardware when demand surges? What if all new instances are stuck on this newly launched hardware? Attackers can request new instances immediately after triggering the cloud extension, so that everyone shares The possibility of the same memory space is much greater.

11. Too many clones lead to a surge in attack surface

Many cloud architects like to use modules of many small machines that can be started and stopped as demand rises and falls. A large number of cloned small machines also means that private data will be constantly cloned. If there is a private key used to sign documents or log in to the database, all cloned instances will have this information. This also means that the attacker has N targets instead of just one, which greatly increases the possibility of the attacker targeting the same physical hardware.

12. Our winning side may not be as big as expected

Attacks on cloud computing are no longer just hypothetical things, but they may not be so easy in practice. The biggest advantage of cloud security is that it is a huge black pool of computing power. How can an attacker get rid of the obstacles and hit the target? What is the probability that they break into the same memory space? Can the attacker find us? The mystery brought by cloud computing gradually expands our false sense of security. Are things really as beautiful as we imagined? Not necessarily so!