How Hackers are Exploiting Cloud Organizations

A Look at Recent Breaches

As more and more data moves to the cloud, hackers are getting smarter in their attempts to access it and cloud data breaches are running rampant. In recent weeks, we've seen several high-profile data breaches that have exposed sensitive information belonging to customers of various companies. In each case, the attacker used sophisticated techniques to gain unauthorized access to cloud services and steal data.

One example is the hacker known as ‘Kernelware’, who recently leaked 7.5 GB of customer data belonging to HDB Financial Services, a subsidiary of India's largest private bank, HDFC Bank. While HDFC Bank denies any data leak from their end, analysis reveals that the data belongs to HDB Financial Services, and was for sale on a hacker forum. This breach highlights the risks of outsourcing sensitive data to third-party service providers, and the need for strong security controls to protect against data theft.

Another example is Acronis, a Swiss cybersecurity and data backup business, which was also recently breached by Kernelware. Although the company claimed that only one customer was impacted, the hacker reportedly stole 12.2 GB of data. The hacker claimed they had broken into Acronis getting a hold of an Acronis customer's account login info and used that to siphon off their files. This breach highlights the need for companies to implement strong access controls and monitoring, as well as regular vulnerability assessments, to detect and prevent attacks.

Our last example, Acer Inc. suffered a massive data breach via unauthorized access from a hacker, who stole 160GB of data from 655 directories and 2869 files. The hacker claimed that there was so much data that it would take days to go through the list of what was breached. Acer confirmed they recently detected an incident of unauthorized access to one of their document servers for repair technicians. This incident underscores the importance of implementing comprehensive security measures to prevent unauthorized access and usage to cloud services and data. 

In all these cases, it is assumed that the hacker used sophisticated techniques to gain unauthorized access to cloud data, and the companies involved now face the risk of reputational damage, financial loss, and legal liability. Hackers have become more sophisticated, relentless, and damaging in their attacks, and any organization could be next as hackers targets aren’t likely to change any time soon. 

So, what can organizations do to improve their data security posture from these types of attacks?

Here are some recommendations

1. Implement a "zero trust" security framework that requires all users, whether in or outside the organization, to be authenticated, authorized, and continuously validated for security posture before being granted or maintaining access to data. This framework should allow only time-limited access and to be based on the Principle of Least Privilege, which limits access and usage to the minimum amount of data required to perform the job.
2. Use a Cloud Data Security Posture Management (DSPM) solution to enforce the security framework through continuous monitoring, automation, prioritization, and visibility. DSPM solutions can help organizations identify and prioritize data security risks based on their severity, allowing them to focus their resources on the most critical issues.
3. Regularly conduct risk assessments to detect and remediate security risks before they can be exploited by hackers. This can help prevent data breaches and minimize the impact of any security incidents that do occur.
4. Train employees on security best practices, including how to create strong passwords, how to identify risks, and how to report suspicious activity.

By following these recommendations, organizations can significantly reduce their risk of a data breach and improve handling sensitive data belonging to their organization. As more and more data moves to the cloud and hackers become more sophisticated, it's essential to prioritize security and take proactive measures to protect against data risks.