Open in app

Sign in

Write

Sign in

Some Cloud Vulnerabilities to Watch Out for in 2022

michaelpaulyn | Simplifying the World of Tech
5 min readJun 25, 2022

Cloud computing has revolutionized everything from the job market, and how businesses operate, these changes show great promise, but there are risks involved. Many firms worldwide look to cloud technology to help them gain a more significant market share in their industries and increase productivity. By 2026 the cloud computing market will reach $947.3 billion; where there’s money, there are hackers.

Account Hijacking

Account hijacking, also known as session riding, happens when a hacker swipes a user’s account credentials and information illegally enters the system’s cloud network. Account hijacking is probably the fifth-highest weak point that a hacker will try and enter. There are several ways hackers use to hijack accounts, such as and including:

1. Phishing Scams

Hackers will attempt to direct users to an unsecured website, usually sending an email from a website they often use and getting the user to enter their information to hijack the account later.

2. Keylogger Exploits

Sophisticated programs record all the keystrokes users enter, including passwords and ID information sent to the attackers right away.

3. Buffer Overflow Attacks

Completely overwriting all data in the computer’s memory and replacing it with a similar-looking piece of data, the only difference is that the new part is malicious, helping to give complete access to all information.

4. Cross-Site Scripting (XSS) Attacks

They are known as a kind of injection attack in which the hacker sends virus-laced scripts through a web browser to access weak accounts.

5. Guessing Passwords

In this case, hackers guess the password and enter the network undetected if lucky.

What’s most shocking is that this has been going on for some time now; this isn’t new. In 2014, an Egyptian researcher found that PayPal had some specific weak points that put over 150 million accounts at risk. Luckily, this risk of attack was found before anything happened, and this shows how companies everywhere need to be on high alert for possible cyber breaches.

Data Breaches

In 2019 alone, over 3,800 data breaches equaled over 4.1 billion lost or compromised records. A 54% increase in data breaches year over year, with no signs of slowing down, proves how businesses everywhere need expert cybersecurity personnel.

Verizon’s 2019 Data Breach Investigations Report found that 43% of all victims were small mom-and-pop businesses. These small companies don’t have access to the same level of cyber protection, unlike the much larger and wealthier global firms. Many of these companies continue to suffer the most, with data breaches growing.

The consequences for businesses include the following:

  • Customers negatively perceive the brand image
  • Trust is lost and sometimes never regained
  • Intellectual property is lost forever
  • Small companies have to pay regulatory fines and penalties, sometimes putting them out of business.
  • There’s the potential to be sued.

Capital One was the victim of one of the most extensive data breaches in US history in 2019, leaving over $300 million in damages once the dust settled. These attacks prove that it doesn’t matter how big you are; there’s always a risk.

Exposed Application User Interfaces (APIs)

Most of us use application user interfaces (APIs) every day and never think anything of it. Some examples of APIs are when you search the weather in your city or area, the login buttons for a website that lets you use your Google or Facebook account, or even the option to use your PayPal account when you’re making a purchase online.

Many companies everywhere use APIs to seamlessly share information between different departments or even across locations around the world, they’re incredibly convenient, but there are some risks. As companies rely more and more on APIs, there are signs that these attacks will continue to grow exponentially as 2022 rolls along.

The cloud computing risks of APIs aren’t something to laugh at; hackers who have accessed the APIs can launch a DDoS attack. Which is a distributed denial-of-service, this type of attack focuses on clogging traffic flow and overburdening the network with a sudden surge of internet traffic, much like a traffic jam during rush hour traffic preventing anyone from moving.

Attacks by Employees

Cyberattacks can happen from an outside source just as much as inside. There’s a real threat of insider attacks that steal sensitive information, destroy crucial data, and sabotage entire networks. These attacks are a real possibility, whether from former or current employees who feel disgruntled.

The truth is that companies are far more at risk of an internal attack than an external one. Recent reports in 2020 state that since 2018 insider attacks have increased by 47%, with the cost going up by 31%. Another 23% were insider threats of possible malicious attacks. Most were from a lack of due diligence on the company’s part.

Hungry for more? Check back Sunday for my next blog, which dives into other industries that the rise of blockchain technology will disrupt.

Every week, I’ll have several new blogs on my website where I dive into the world of blockchain tech and topics on cybersecurity — simplifying the world of tech.

#simplifyingtheworldoftech #worldoftech #tech #remotework #cybersecurity

--

--

michaelpaulyn | Simplifying the World of Tech

Written by michaelpaulyn | Simplifying the World of Tech

16 Followers

Just a copywriter out to simplify the world of tech, one blog at a time. For more information, head to my website: michaelpaulyn.com/

Help

Status

About

Careers

Blog

Privacy

Terms

Text to speech

Teams