7.1 Description of ThreatOne of the biggest problems that cause this threat is that companies that engage in cloud services to manage their business expect their cloud service provider to address their security concerns. For this reason, they are putting great trust in their cloud service provider to protect their data when that may not actually be the case. Thus, companies are becoming more complacent towards risks clearly because they trust their cloud service provider in addressing their cloud security. That means it will be easier for attackers to exploit the companies’ cloud security vulnerabilities in order to steal resources such as sensitive information that is stored in the cloud.As cloud security are compromised, it can cause consequences such as downtime in the cloud which can leave a serious impact on a company’s business as applications and services are not available. Another consequence is that security flaws make it challenging for companies to meet industry compliance regulations especially for companies in the finance and healthcare industries. One more consequence is that there is a potential loss of data especially for confidential data such as personal information and credit card details which can lead to a serious financial and reputational damages for companies.7.2 Nature of ThreatCloud threats come in a variety of ways, depending on how the attacker chooses to attack. Attackers may do a DDoS attack to disrupt users from accessing their services by exploiting vulnerabilities in the cloud implementation. Attackers may also do a DDoS attack to deplete all of the target’s resources in the cloud. With cloud services being disrupted, all legitimate users will not be able to access their services or applications in the cloud, which in turn, causes the cloud customer’s business to be disrupted which will have a serious impact on their business. Attackers can also launch attacks by gaining access to a cloud service provider and launching a ransomware attack that can affect their customer base. The cloud can be used as a platform to spread malware to the targets customer base by the sharing of infected files and automatic syncing. For instance, Virlock ransomware particularly targets cloud storages and collaborative platforms to allow it to reproduce in a very quick manner through the whole network from a single infected user.When companies become a victim of cloud threat, it will have a strong impact on their businesses and reputation especially if their sensitive customer data is lost and leaked.Cloud service providers will suffer losses should they become a victim of cloud threat and their customers will lose confidence on their service. Their reputation that is built throughout the years might be tarnished in just one cloud attack which is why they must stay vigilant and be aware of this threat.When cloud consumers become a victim of cloud threat, the attackers can leverage your account credentials to redirect users to illegitimate websites which can cause even more cloud consumers to become a victim of cloud threat. From there attackers can do whatever they want with your sensitive data such as selling it for monetary rewards.7.3 Mitigation of ThreatEven though the threat may have affected many people, it can still be mitigated in simple ways. Firstly, if you receive any suspicious looking email that contains links or attachments, delete it immediately unless you are absolutely sure it is from trusted source. Secondly, ensure that you update your open source software regularly as updates include patches for newly discovered security vulnerabilities that could be exploited by attackers. Thirdly, make sure that the cloud service you use regularly backs up your files to ensure you can recover them in case you become a victim of ransomware. It is also important to conduct security training for staff and educate them with necessary cyber security knowledge to help mitigate the cloud threat.In the future, more advanced technology can help both cloud service providers and their customers to protect their assets from attackers. For example, using a more secure authentication system such as multi factor authentication can help to increase the cloud security level. Behavioural analytics can also help to detect unusual activity in account activities and system administrators can take necessary steps to mitigate the threat

Post Author: admin


I'm Irvin!

Would you like to get a custom essay? How about receiving a customized one?

Check it out