As discussed earlier, when an incident occurs, many organizations respond passively rather than taking precautions in advance. This section provides a road map for mitigating abuse and introduces proactive measures to take in the event of abuse.
On a calm cloud island, law-abiding islanders use mobile devices to do the following:
- Run a software as a service (SaaS) application as an individual or as a group.
- Develop an application on a platform as a service (PaaS) on behalf of a team.
- Check the health status of the infrastructure as a service (IaaS) through a performance indicator dashboard.
At work, islanders write microblogs and blog posts and use other social networking tools, and usually have no problems with the following activities:
- Accessing cloud data to achieve near-real-time communication.
- Building a collaborative culture among public cloud developers remotely.
- Sharing cloud service knowledge and current cloud practices.
- Gaining more frequent access to the cloud service migration process.
The islanders are happy: the cloud and social networking services are always available, as guaranteed by the service level agreement (SLA). When performance falls below the guaranteed availability level, the SLA specifies a failover plan that fails over to a healthy data center on the island. The algorithms used to measure performance are numerically stable.
But not everyone is what they seem.
Cyber criminals disguised as tourists
During the lunch hour on a sunny day, three cloud service staff members walked several blocks to the island's main port to take pictures of a cruise ship that was quietly approaching. The ship carried about 1,000 visitors, and the tourists were unaware that cyber criminals were hiding among them. Security guards on another island had forgotten to check their backgrounds before the criminals boarded the ship.
A few minutes before the ship docked, the cloud service staff paused their photography and began reading an InfoWorld article on a Trend Micro report, released in December 2012 [13], which discusses hackers using cloud services through social networking tools. According to the report, hackers send malicious code from command and control centers to mobile devices by blogging, tweeting, or using Facebook. Once hackers obtain data (data they should not have), they put the stolen data in Google Docs, Dropbox, Pastebin, or even Amazon EC2.
The hacker at the command and control center might consider:
- What very important data they have collected.
- How they will maliciously alter the data.
- How they will obtain higher privileges.
- Whether to send the data back to the data source or move on to the next destination.
As soon as the ship docked, the cyber criminals immediately came ashore, slipped past the three cloud service staff members, and disappeared among the waving banners. When the cloud service staff were back at work, they began using their mobile devices to connect to social networks. But they found it was too late: they could no longer access the SaaS applications, connect with other PaaS developers, or check the health of the IaaS.
The cloud services suddenly shut down. The cloud service staff constantly complained:
- The threshold policy is not appropriate.
- The failover plan that migrates to a healthy data center is excluded from the SLA.
- The algorithms used to measure performance are numerically unstable.
Islander user models
Before we discuss a plan to reduce the risk of exposure of cloud services, let's look at how model users use mobile devices to get the SaaS they need, build SaaS applications with PaaS, and check the health of the IaaS. The social media tools they use to communicate with each other are limited by the degree to which they are allowed access to SaaS, PaaS, and IaaS resources. The vendor sets the threshold level for resources, users, data requests, and social media.
All users are bound by the company's bring-your-own-device (BYOD) policy, because each mobile device provides a password- or biometric-protected partition for the company's approved data and applications. On the same device, this partition is separated from a second partition for personal use. All mobile devices are remotely controlled by the company's mobile device management solution, such as IBM® Endpoint Manager for Mobile Devices (used with other IBM Endpoint Manager products).
Getting SaaS on demand
SaaS mobile users have the least control over mobile usage, and the vendor has the most.
End-user mobility control: The only control end users have is access to SaaS applications from the company partition of a mobile device, whether the end user is an individual, an enterprise (small or medium-sized), or a government agency. Examples of SaaS applications include ship arrival and departure schedules, customer relationship management, human resources, and spreadsheets.
While accessing the SaaS application, end users use the same mobile device to tweet and blog with a selected group of users. If users are allowed to download data from an application into the company-protected partition, they may forgo downloading it remotely from a secure Dropbox, retrieve the data later, or discuss it in other tweets or blog posts.
SaaS vendor control: Vendors should manage access control at least by limiting the number of authorized users who can access the application concurrently, as described in the user threshold policy above. Vendors can limit the number of users who use social media tools, as described in the social media threshold policy above. Vendors control the operating system, servers, and network infrastructure needed to run the SaaS applications. The vendor also controls the social media tools that are downloaded to, or used from, the mobile device.
Building SaaS applications with PaaS
PaaS users have more control over applications than SaaS users.
Developer mobility control: Developers control and protect all applications throughout the enterprise lifecycle, whether created and hosted by independent software vendors, startups, corporate units, or government departments. For example, a developer builds, deploys, and runs a custom ship arrival and departure management application. As part of the enterprise lifecycle, developers use social media tools, spreadsheets, word processing software, billing, payroll processing, and invoicing systems.
Developers use the same devices to tweet, blog, or use Facebook to form a knowledge network. These networks help developers get information about development processes and technologies, share innovative practices, and receive responses in a timely manner. Near-real-time feedback on each developer's status lets the team post updates through social media more frequently.
PaaS vendor control: The vendor should at least control the operating system, servers, and network infrastructure needed to run the SaaS applications. The vendor also controls the social media tools that are downloaded to the developer's mobile device. Vendors can set the user, resource, data request, and social media threshold levels.
The IaaS security policy focuses on how to access and protect data and how to manage virtual machines.
Network expert mobility control: An infrastructure or network expert controls the applications deployed on the operating system, network devices, and virtual machines. Infrastructure experts can scale virtual servers or storage blocks and, using social media tools, communicate with other IaaS infrastructure experts and with PaaS developers on the IaaS platform.
Infrastructure or network experts can use the same devices to tweet, blog, or use Facebook with other IaaS experts or PaaS developers to form a knowledge network. These networks help experts and developers obtain information about IaaS technologies and receive timely responses.
IaaS vendor control: The vendor should at least control the traditional, virtual-machine-based computing resource infrastructure and the mobile applications needed to access the IaaS. Vendors can control the social media tools used in the collaborative environment, and can set the user, resource, data request, and social media threshold levels.
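The vendor-side threshold policy described above (user and data-request thresholds) and the SLA availability check from the island story, as an added example that is not part of the original article; the limits, window length and sample events are assumed values.

```python
# Added example, not from the article: a vendor-side threshold policy for
# concurrent SaaS users and per-user data requests, plus a numerically stable
# availability estimate that triggers the SLA failover plan. Limits, window
# size and sample events are constructed assumptions.
from collections import defaultdict, deque

class ThresholdPolicy:
    """Vendor user/data-request thresholds; rejections are kept for review."""
    def __init__(self, max_concurrent, max_requests, window_s):
        self.max_concurrent = max_concurrent   # user threshold
        self.max_requests = max_requests       # data requests per window
        self.window_s = window_s
        self.active = set()
        self.requests = defaultdict(deque)     # user -> request timestamps
        self.rejections = []                   # (reason, user) for operators

    def login(self, user):
        if user not in self.active and len(self.active) >= self.max_concurrent:
            self.rejections.append(("concurrent-limit", user))
            return False
        self.active.add(user)
        return True

    def data_request(self, user, now):
        q = self.requests[user]
        while q and now - q[0] >= self.window_s:  # expire old timestamps
            q.popleft()
        if len(q) >= self.max_requests:
            self.rejections.append(("request-rate", user))
            return False
        q.append(now)
        return True

class AvailabilityMonitor:
    """Running fraction of successful probes, updated incrementally so the
    estimate stays numerically stable instead of summing ever-larger totals."""
    def __init__(self, sla_level):
        self.sla_level = sla_level
        self.n = 0
        self.mean = 0.0

    def probe(self, ok):
        self.n += 1
        self.mean += ((1.0 if ok else 0.0) - self.mean) / self.n
        return self.mean

    def failover_required(self):
        # SLA: fail over to the healthy data center below the guaranteed level
        return self.n > 0 and self.mean < self.sla_level
```

Reviewing `rejections` after an incident shows which users hit which threshold, which is the evidence the island's staff lacked when they complained that the threshold policy was inappropriate.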
Cloud attack scenarios
Let's look at a few scenarios to see how hackers use social media tools to abuse the cloud services that SaaS users, PaaS developers, and IaaS infrastructure experts access from their mobile devices.
SaaS applications
End users securely connect to a ready-to-use SaaS accounting application using company-licensed BYOD devices. They build a virtual group that allows team members to access the same SaaS application simultaneously, either locally (in the same location) or remotely (in different locations), while blogging or using Facebook.
Users put sensitive information on Facebook where everyone, including hackers, can see it. When they first registered their Facebook accounts, they did not change the default settings.
What the end users do not understand is that Facebook has face recognition software, which allows hackers to use the photos uploaded to Facebook to identify the SaaS end users. The SaaS end users forgot to change their Facebook settings.
Hackers place the stolen data in a drop zone and infect it. They send malicious code to the target and use it to flood the back-end database.
The SaaS application is suddenly inaccessible.
PaaS Platform
To develop a complex SaaS application on a PaaS platform, you need to organize a large PaaS developer team. The team is made up of small teams with outstanding skill sets and different relationships to one another; one team has a skill in some area that another team lacks.
Because the delivery date of the SaaS application is tight, it is necessary for the team to publish real-time tweets about the progress of application development. Developers get the latest progress reports from teams in different locations.
When the delivery date is near, the PaaS crashes. Most developers have forgotten to protect their microblog accounts; developers who do protect their accounts are rarely hacked. Hackers copy and alter personal information, store it in Dropbox, and then attack the developers so that they lose access control over the cloud.