Cibersecurity Newsletter
APRIL 2021

Identity theft in the cloud

Prevention and combat recommendations

The last decade was marked by the crescent use of the cloud, which consists in having our data stored remotely via cloud services instead of being stored locally on our systems or devices. However, despite its multiple benefits, this practice also brings new risks, among of which is identity theft.

Roubo de Identidade na Cloud

Identity theft in the cloud is a process where an individual or organization’s cloud account is stolen or hijacked by an attacker. Cloud account hijacking is a common practice in identity theft scams where the attacker uses information from the stolen account to perform malicious or unauthorized activities. When there’s a cloud account theft, the attacker often uses a compromised e-mail account or other credentials to take the place of the account holder.

Cloud Computing brought many benefits for organizations, including cost reductions in terms of resources and investments. However, it also provides cybercriminals with an environment that is conducive to attacks, because there are large volumes of data stored in one place. As data are stored and accessed on devices and resources are usually shared between many different users, the risks of identity theft in cloud are recurrent.

Cloud-01

Cloud-02

Concern about the misuse of personal data on the Internet promoted by the pandemic and telework, where there was an increase of computer scams.

Source: Cybersecurity in Portugal Report from the Portuguese National Cybersecurity Centre (CNCS).

Identity theft in the cloud is, therefore, a concern about which it’s important to highlight some prevention and combat recommendations.

Cloud account theft

Identity theft is a threat to the cloud that steals user account credentials. By accessing personal data, the criminal can impersonate an authentic user and cause not only financial but also reputational damage to the victim. The multiple possibilities of identity theft in the cloud require special attention. Identity theft can occur in a wide variety of moments by accessing the victim’s phone, computer, social media, e-mail, online banking,…

There are several means that attackers can use to hijack accounts, including:

1. Phishing

Forwarding users to an unsecure website to steal their information or hijack their session ID

Image4

2. Malware

Leading the user to install malware that will facilitate the capture or access to the cloud account.

Image2

3. Weak Passwords

By using brute force, the attackers can find or guess your password, if your password isn’t strong. In this scenario, the use of multi-factor authentication is essential.

Image44

4. Attack to Cloud Service

You must check the maturity and reliability level of your Cloud provider, because there’s a multitude of direct attacks to Cloud services that can allow attackers to steal the identity of users.

Image45

5. Man-in-the-middle Attacks

The typical attacks where the connection is somehow intercepted and used by attackers to get access or hijack the account. A classic example is when we use unsecured wireless networks.

Image46

Cloud-03

Account hijacking is not new. In 2014, an Egypt-based researcher found a PayPal vulnerability that left about 150 million accounts exposed to this type of attack. Luckily, the threat was corrected before there was any damage.

How can you protect yourself against identity theft in the cloud?

check

Firstly, you should create secure passwords and change them frequently. •This will help you stay protected against attacks. Also consider the use of multi-factor authentication (MFA) whenever possible, which will add an extra security layer, making it hard for attackers to access your account remotely.

check

Many successful account intrusion attempts happen due to phishing. Be careful when you click on Internet and e-mail links and when you receive password reset requests, and this will help protecting you against attacks. If you have any employees using cloud services, make sure that you inform them about the vulnerabilities of cloud computing so that they know how to identify account intrusion attempts.

check

Seeking advice from an expert on threat and vulnerability detection •is also an effective way to prevent account hijacking. They can look for potential vulnerabilities in your network and introduce controls that will you’re your data better protected against these types of attack.

Archive

2024

2023

2022

2021

2020

2019

Subscribe our newsletter.


Cookie Consent X

Devoteam Cyber Trust S.A. uses cookies for analytical and more personalized information presentation purposes, based on your browsing habits and profile. For more detailed information, see our Cookie Policy.