Cloud Security Alliance Updates 'Top Threats to Cloud Computing' List

A refreshed version of the CSA’s 2016 report includes new real-world anecdotes and examples of recent incidents that relate to each of the 12 cloud-computing threat categories.


Seattle-based Cloud Security Alliance has some new and updated advice for enterprises that do some or all of their business using cloud applications—and that pretty much means all enterprises.

The global organization, which is dedicated to defining and raising awareness of best practices to help ensure secure cloud computing environments, on Oct. 20 released an update of its most important industry document, “Top Threats to Cloud Computing + Industry Insights.” Registration is required for the document download.

This refreshed version of the CSA’s 2016 report includes new real-world anecdotes and examples of recent incidents that relate to each of the 12 cloud computing threat categories identified in the original paper.

“It’s our hope that these updates will not only provide readers with more relevant context in which to evaluate the top threats, but that the enhanced paper will provide them with a real-world glimpse into what is currently occurring in the security industry,” said Scott Field, partner architect with Microsoft and chair of the CSA Top Threats Working Group.

Topics and real-world examples discussed in this document include the following:

    • Data Breaches: Yahoo’s breach
    • Insufficient Identity Credential Access Management: LinkedIn’s failure to salt passwords when hashing; Instagram’s abuse of account recovery; MongoDB’s Mexican voter information leak; ransomware attack on unprotected MongoDB
    • Account Hijacking:  OAuth’s insecure implementation
    • Malicious Insiders: Alleged data theft by Zynga ex-employees; T-Mobile’s customer information theft
    • Insufficient Due Diligence: Yahoo’s breach
    • Denial of Service: Dyn DDoS attack; Australian Bureau of Statistics’ denial-of-service attack
    • System Vulnerabilities: Dirty Cow Linux privilege escalation vulnerability
    • Abuse and Nefarious Use of Cloud: Malware using cloud services to exfiltrate data and avoid detection; Zepto ransomware that spread and was hosted on cloud storage services; CloudSquirrel malware hosting command and control (C&C) in Dropbox; CloudFanta malware using cloud storage for malware delivery
    • Data Loss:  Virlock ransomware
    • Insecure Interface and APIs:  Moonpig’s insecure mobile application
    • Shared Technology Vulnerabilities: Cloudflare/Cloudbleed buffer overrun vulnerability
    • Advanced Persistent Threats: NetTraveler’s advanced persistent threats

CSA said the report provides organizations with an expert-informed understanding of cloud security concerns to make educated risk-management decisions regarding cloud adoption strategies. The report reflects the current consensus among security experts in the CSA community about the most significant security issues in the cloud.

The CSA Top Threats Working Group is responsible for providing needed context to assist organizations in making educated risk management decisions regarding their cloud adoption strategies. The working group is led by Field, along with longtime cloud security professionals Jon-Michael Brook, a principal of Security, Cloud & Privacy at Guide Holdings, and Dave Shackleford, a principal consultant with Voodoo Security.

The CSA invites interested companies and individuals to support the group’s research and initiatives. Companies and individuals interested in learning more or joining the group can visit the Top Threats Working Group page.

To access the full report, go here.

Chris Preimesberger

Chris J. Preimesberger

Chris J. Preimesberger is Editor-in-Chief of eWEEK and responsible for all the publication's coverage. In his 15 years and more than 4,000 articles at eWEEK, he has distinguished himself in reporting...