
The Biggest Cloud Security Lessons Learned in 2020


Did the security pitfalls of 2020 reshape cloud security in 2021, and how does it look for 2022?

When you’re in charge of your organization’s cloud security, you need to dedicate a big chunk of your time to what could happen — simultaneously keeping your eye on the ‘now’, as well as the ‘next’.

This also means constantly revisiting the mistakes of the past and factoring them into your future cloud security planning.

These past two years, with businesses enduring and recovering from extended lockdowns, and exploring new post-pandemic remote and hybrid work models, it’s important to reassess any weaknesses attackers may have exploited in the past to launch deadly attacks.

In this post, we’ll take a look at some of the most teachable cloud security moments of 2020 and note a number of key takeaways to help us ramp up our cloud security operations even further for 2022.

 

The Biggest Cloud Security Lessons of 2020

1. The Marriott Data Breach of Feb 2020

Between January and February 2020, Marriott suffered a massive cloud hacking incident that exposed the information of 5.2 million guests.

HOW IT HAPPENED:

Hackers used the login credentials of two employees at a franchise property to gain access. 

While we don’t know how they obtained these credentials, credential stuffing and phishing are likely scenarios.

KEY TAKEAWAYS:

1. Time to take user identity verification one step further via Zero Trust

2020 showed us why adopting constant user identity verification tools that rely on ‘biometric identification’, rather than username and password patterns alone, is important.

By making identity verification ‘continuous’ rather than a one-off event at sign-in, this Zero Trust mechanism helps detect imposters before they gain access to the more critical and sensitive resources.


2. Always have an Incident Response Strategy ready

A strong incident response strategy outlines the steps that will be taken after an incident occurs. This helps mitigate any resulting reputational and data breach damages.

2. The Zoom-bombing and leaked passwords of April 2020

As the pandemic sent much of the world into lockdowns, video conferencing became the norm for most business meetings.

With that, platforms like Zoom suddenly boomed, becoming a ‘BIG’ target for hackers and cyber thieves. 

In April, Zoom discovered 500,000 stolen passwords sold for pennies in crime forums on the dark web. Not only that, but users have also reported repeated “Zoom-bombing” incidents.

HOW IT HAPPENED:

There are several cloud security aspects at play here; however, two consistent trends stand out:

1. Users tend to reuse passwords across different services, which paves the way for credential stuffing and stolen credentials.

2. Users share their meetings on social media sites such as Twitter, where a simple search for “Zoom.us” brings up multiple links to meetings, which anyone can then use to join.

KEY TAKEAWAYS:

It’s important to secure our virtual meetings as we continue to do things remotely by:

1. Choosing the right video conferencing tool: Not all video conferencing tools are built the same. Choose the right tool based on its privacy and cloud security capabilities first.

2. Users should avoid sharing meeting details on social networking platforms or anywhere else online.

3. Users should avoid using the same password across multiple cloud accounts. Every service or tool should be assigned a unique password of its own.

3. The Biggest Twitter Hack of ALL

On the 15th of July, 2020, Twitter was hit by one of the most brazen online attacks in history!

Hackers were able to verify the Twitter accounts of high-profile figures, including Barack Obama, Elon Musk, Joseph Biden Jr., and Bill Gates, tweeting a Bitcoin scam.

HOW IT HAPPENED:

Phone spear phishing — can you believe it?

Surprisingly, the big attack involved a very simple phishing technique.

Twitter employees received phone calls from hackers pretending to be an internal Twitter support service, tricking them into divulging login credentials.

After that, dozens of enterprises, including banks, cryptocurrency exchanges, and other financial firms, were also targeted with the same hack.

KEY TAKEAWAYS:

1. Phishing continues to pose a real danger to businesses of all sizes. In fact, according to GetApp’s 2020 State of Data Security Report, “80% of employees report receiving phishing emails, compared to 73% in 2019, and employees are 15% more likely to click on a malicious link.”

2. Raising employees’ phishing awareness, and adopting strong cloud security tools are both indispensable ways to combat phishing.

Don’t forget about your users’ email inboxes, the door through which most attackers try to sneak into your system. Make sure to use a good phishing incident response tool.

After the incident, Twitter announced how it has strengthened its internal security and invested in new tools and training for employees and contractors.

4. Amos’ Two-Factor Authentication (2FA) Incident

And folks, it doesn’t just happen to big hotel chains and social media giants. SMBs are always a target too. 

While this incident didn’t receive the same global attention the above incidents did, it’s quite an eye-opener.

In July 2020, attackers managed to turn off 2FA for a company called Amos without actually going through the 2FA mechanism. 

HOW IT HAPPENED:

Read more about it in our blog post “Attackers can now officially disable 2FA: How to outsmart them?”

KEY TAKEAWAYS:

1. Two-factor authentication remains an important security step and is certainly better than using a username and password alone. 

However, as cybercriminals continue to figure out ways around traditional authentication methods, multi-factor authentication (MFA) becomes the more popular cloud security choice, especially for remote work security.

2. A Google account is a pretty high-value target.

If users let Chrome remember their passwords, and Chrome encrypts those passwords with their default account password, then passwords.google.com can become a security vulnerability.


5. Not using the right Cloud security tool

And if there’s one BIG lesson we learned, it’s the importance of deploying ‘the right’ cloud security tool.

As we continue to conduct most of our work in the cloud, we need to know that our most sensitive resources, conversations, and data are protected 24/7. 

That’s why the right security tool for your cloud workspace is the new ‘virtual security guard’ you need watching over your cloud security AT ALL TIMES.

That way, even if human error, insider or outsider attacks strike, you know that the most sensitive areas of your cloud environment are protected.

Well, that’s it from us today. We hope that you’ve found this blog piece insightful and wish you a happy and ‘safe’ new year!

To learn more about how GAT can help you boost your organization’s cloud security in Google Workspace and Chrome against these threats, book a FREE demo to chat with one of our experts today.
