Today, many of us have a lot of data such as photos and important files backed up to the cloud. What happens if this account is hacked? There are a few strategies that we can use to reduce the risk of an attacker accessing these files.
Firstly, what is cloud account hacking?
Cloud account hacking is a process when an individual or company’s cloud account is stolen or accessed from an external person[1]. This external person is a hacker and may use your information for identity theft or to conduct unauthorized activity.
Cloud computing provides a lot of benefits to individuals and companies such as having data accessible anywhere at any time. It also has its risks, as all your data is stored in one place, providing hackers with a lot of information if they happen to gain access[2].
How can this happen?
Cloud hacking can happen if any of your passwords are lost or stolen. It can also happen if you have weak passwords, protect passwords poorly or recycle passwords[3].
Other ways hackers can access your cloud account is through;
- Phishing – a hacker sends fraudulent emails and copies of legitimate websites to obtain data[4].
- Malware – a software that brings harm to a computer[5].
- Brute force – a trial and error method hackers use to obtain information such as passwords[6].
- Credential stuffing – the hacker finds credentials of yours and attempts to use them in other systems[7].
What are the risk of cloud hacking?
Having an account hacked leaves individuals and companies devastated. Being hacked can affect company integrity, reputation, identity theft, leaked confidential information and financial loss[8]. Being hacked can also have legal implications for highly regulated industries such as healthcare, if clients and patient’s confidential information is accessed[9].
Strategies for preventing cloud account hacking;
Firstly, using multifactor authentication will always require you to verify that you are you when logging into your account[10]. This could be sending a verification code to your mobile device or your email, to make sure they are giving access to the authorized person, who is you.
Secondly, in your company, divide duties amongst your team[11]. Only give cloud access to individuals that need it to reduce the risk of being hacked.
Thirdly, create a termination and job change procedure for employees who have access to the cloud[12]. One an employee leaves your work place; you will need to ensure that they no longer have access to the cloud account. It might also be worth updating your passwords for that extra security.
How can DataUp help?
A service DataUp provides is mail protection, which can protect you from phishing attacks and hackers. Data Up can help by;
- Forwarding all clean and legitimate emails to you.
- Holding spam emails. You will receive a spam report twice a day to be able to release these emails.
- You will be provided with the reason why each email is blocked.
- You are able to release spam and infomail into your inbox, but you are not able to release viruses.
Mail spam is one of the biggest security threats these days and as hackers are getting smarter, it’s more important than ever to protect your data online.
If you or your organisation are looking for security for your cloud account and email protection, get in touch with DataUp and let our friendly team assist you.
Email;
Sales: enquire@dataup.com.au
Support: support@dataup.com.au
References:
[1] Lord, N 2018, What is Cloud Account Hijacking? | Digital Guardian, Digital Guardian, viewed 29 September 2020,<https://digitalguardian.com/blog/what-cloud-account-hijacking>.
[2] Lord, N 2018, What is Cloud Account Hijacking? | Digital Guardian, Digital Guardian, viewed 29 September 2020,<https://digitalguardian.com/blog/what-cloud-account-hijacking>.
[3] Moyle, E 2020, Prevent Cloud Account Hijacking with 3 Key Strategies, Search Cloud Security, viewed 29 September 2020,<https://searchcloudsecurity.techtarget.com/tip/Prevent-cloud-account-hijacking-with-3-key-strategies>.
[4] Dictionary.com 2020, Phishing | Definition of Phishing at Dictionary.com, Dicitonary.com, viewed 29 September 2020,<https://www.dictionary.com/browse/phishing#:~:text=the%20practice%20of%20using%20fraudulent%20e-mails%20and%20copies,from%20computer%20users%20for%20purposes%20of%20identity%20theft>.
[5] Technopedia 2013, What is Malicious Software (Malware), Technopedia, viewed 29 September 2020,<https://www.techopedia.com/definition/4015/malicious-software-malware#:~:text=Techopedia%20explains%20Malicious%20Software%20%28Malware%29%20Malware%20is%20software,user%20Internet%20traffic.%20Examples%20include%20spyware%20and%20adware.>.
[6] Technopedia 2020, What is a Brute Force Attack?, Technopedia, viewed 29 September 2020,<https://www.techopedia.com/definition/18091/brute-force-attack>.
[7] Technopedia 2017, What is Credential Stuffing?, Technopedia, viewed 29 September 2020, <https://www.techopedia.com/definition/32586/credential-stuffing>.
[8] Lord, N 2018, What is Cloud Account Hijacking? | Digital Guardian, Digital Guardian, viewed 29 September 2020,<https://digitalguardian.com/blog/what-cloud-account-hijacking>.
[9] Lord, N 2018, What is Cloud Account Hijacking? | Digital Guardian, Digital Guardian, viewed 29 September 2020,<https://digitalguardian.com/blog/what-cloud-account-hijacking>.
[10] Moyle, E 2020, Prevent Cloud Account Hijacking with 3 Key Strategies, Search Cloud Security, viewed 29 September 2020,<https://searchcloudsecurity.techtarget.com/tip/Prevent-cloud-account-hijacking-with-3-key-strategies>.
[11] Moyle, E 2020, Prevent Cloud Account Hijacking with 3 Key Strategies, Search Cloud Security, viewed 29 September 2020,<https://searchcloudsecurity.techtarget.com/tip/Prevent-cloud-account-hijacking-with-3-key-strategies>.
[12] Moyle, E 2020, Prevent Cloud Account Hijacking with 3 Key Strategies, Search Cloud Security, viewed 29 September 2020,<https://searchcloudsecurity.techtarget.com/tip/Prevent-cloud-account-hijacking-with-3-key-strategies>.