WebProNews

Category: CloudSecurityUpdate

  • US Agencies Request the Most User Data From Big Tech, Apple Complies the Most

    Americans concerned about their user data falling into the hands of foreign governments may want to look closer to home.

    According to new research by VPN provider Surfshark, the US government makes more requests for user data from Big Tech companies than any other jurisdiction in the world. The company analyzed data requests to Apple, Google, Meta, and Microsoft by “government agencies of 177 countries between 2013 and 2021.”

    The US came in first with 2,451,077 account requests, more than four times the number of Germany, the number two country on the list. In fact, the US made more requests than all of Europe, including the UK, which collectively came in under 2 million.

    While the US and EU were responsible for a combined total of 60% of all data requests, the US “made 8 times more requests than the global average (87.9/100k).”

    The number of accounts being accessed is also growing, with a five-times increase in requests from 2013 to 2021. The US alone saw a 348% increase during the time frame, and the scope and purpose of the requests are expanding.

    “Besides requesting data from technology companies, authorities are now exploring more ways to monitor and tackle crime through online services. For instance, the EU is considering a regulation that would require internet service providers to detect, report, and remove abuse-related content,” says Gabriele Kaveckyte, Privacy Counsel at Surfshark. “On one hand, introducing such new measures could help solve serious criminal cases, but civil society organizations expressed their concerns of encouraging surveillance techniques which may later be used, for example, to track down political rivals.”

    The report also sheds light on which companies comply the most versus which ones push back against requests. For all of its privacy-oriented marketing — “what happens on your iPhone stays on your iPhone” — Apple complies with data requests more than any other company, handing it over 82% of the time.

    In contrast, Meta complies 72% of the time, and Google does 71% of the time. Microsoft, on the other hand, pushes back the most among Big Tech companies, only handing data over 68% of the time.

    The findings may also put a dent in US efforts to ban TikTok and other foreign apps under the guise of protecting user privacy and data.

  • One-Third of Organizations Struggle With Data Loss Prevention Systems

    The Cloud Security Alliance (CSA) has bad news for the industry, saying that nearly one-third of organizations struggle with data loss prevention (DLP) systems.

    The CSA is an organization dedicated to helping secure cloud computing. A survey the organization conducted with Netskope found that DLP solutions are a critical component used in cloud security.

    Unfortunately, that’s where the good news ends. While companies are relying on DLP systems, nearly a third struggle to use them effectively.

    Among the top challenges cited by organizations are management difficulties (29%), too many false positives (19%), the need for manual version upgrades (18%), and deployment complexity (15%).

    “DLP solutions are an integral part of organizations’ data security strategy, but leaders are still struggling with this strategy and the implementation of solutions, especially for how complicated legacy and on-prem based solutions are to manage and maintain,” said Naveen Palavalli, Vice President of Products, Netskope. “These findings highlight the need for a comprehensive and easy-to-use cloud delivered data protection solution that integrates into their existing security controls and is a key tenant of their Zero Trust security strategy.”

    Cloud security is increasingly in the spotlight as more and more organizations experience data breaches at a time when the cloud is becoming integral to more companies and industries.

    The Biden administration has signaled it is preparing to regulate cloud security in an effort to better protect organizations. If the CSA’s findings are any indication, it looks like the industry could use the help.

  • Biden Administration Prepares to Regulate Cloud Security

    The Biden Administration is preparing to regulate cloud security, viewing the industry as too great a security risk to ignore.

    Cloud computing has become an increasingly integral part of daily life for companies, government organizations, and individuals alike. There’s hardly any aspect of daily life that isn’t touched by the cloud in some way. That ubiquity is a source of concern, especially with the growing number and scope of cybersecurity threats.

    According to Politico, the Biden Administration now views the cloud industry as “too big to fail” and is beginning the process of regulating cloud computing security.

    The industry has “become essential to our daily lives,” Kemba Walden, acting national cyber director, told Politico. “If it’s disrupted, it could create large potentially catastrophic disruptions to our economy and to our government.”

    Industry veterans echoed those concerns.

    “A single cloud provider going down could take down the internet like a stack of dominos,” said Marc Rogers, chief security officer at Q-Net Security and former Cloudflare head of information security.

    Unfortunately, while companies have raced to deploy cloud platforms and services, cloud security has often lagged behind, leaving organizations and individuals vulnerable. Even worse, critical infrastructure has come under attack as a result of cloud security lapses.

    “The reality is that today cloud security is often separate from cloud,” said Anne Neuberger, the deputy national security adviser for cyber and emerging technology. “We need to get to a place where cloud providers have security baked in with that.”

    Her sentiments echo those of Google executives, who recently penned a blog post calling for companies to be held accountable for cybersecurity:

    “The bottom line: People deserve products that are secure by default and systems that are built to withstand the growing onslaught from attackers,” the executives wrote.

    The Biden Administration agrees:

    “In the United States, we don’t have a national regulator for cloud. We don’t have a Ministry of Communication. We don’t have anybody who would step up and say, ‘It’s our job to regulate cloud providers,’” said Rob Knake, deputy national cyber director for strategy and budget. The cloud, he said, “needs to have a regulatory structure around it.”

  • WhatsApp and Signal Poised to Leave UK Over Encryption Law

    United Kingdom users may be out of luck when it comes to messaging clients, with both WhatsApp and Signal prepared to leave.

    The UK is currently working to pass its Online Safety Bill, a piece of legislation that virtually all critics say would have a devastating impact on encryption and online security. Proponents of the bill have been accused of “magical thinking,” in which they believe encryption can be selectively weakened to catch bad guys.

    The UK’s government is

    WhatsApp and Signal have both come out saying they will refuse to weaken their encryption, a decision that would lead to them leaving the UK.

    “It’s a remarkable thing to think about,” said Will Cathcart, Meta’s head of WhatsApp, via The Guardian. “There isn’t a way to change it in just one part of the world. Some countries have chosen to block it: that’s the reality of shipping a secure product. We’ve recently been blocked in Iran, for example. But we’ve never seen a liberal democracy do that.

    “The reality is, our users all around the world want security,” added Cathcart. “Ninety-eight per cent of our users are outside the UK. They do not want us to lower the security of the product, and just as a straightforward matter, it would be an odd choice for us to choose to lower the security of the product in a way that would affect those 98% of users.”

    Similarly, Signal President Meredith Whittaker told the BBC: “We would absolutely 100% walk rather than ever undermine the trust that people place in us to provide a truly private means of communication.

    “We have never weakened our privacy promises, and we never would.”

    For its part, the British Home Office is recycling the age-old argument that there must be some way to protect privacy and simultaneously undermine it for the sake of catching criminals.

    “It is important that technology companies make every effort to ensure that their platforms do not become a breeding ground for paedophiles,” the Home Office stated.

    “The Online Safety Bill does not represent a ban on end-to-end encryption but makes clear that technological changes should not be implemented in a way that diminishes public safety – especially the safety of children online.

    “It is not a choice between privacy or child safety – we can and we must have both.”

    Unfortunately, as mathematicians, programmers, computer experts, privacy advocates, and many lawmakers have stated, that’s simply not how encryption works.

    “Encryption is either protecting everyone or it is broken for everyone,” Whittaker added.

    That fundamental law of mathematics is why Germany has come out opposed to a similar measure making its way through the EU, instead emphasizing the need to bolster traditional investigative methods to compensate.

  • National Cyber Strategy Puts Cybersecurity Burden on Big Tech

    The White House unveiled its National Cyber Strategy, shifting the burden of providing security from individuals to Big Tech.

    Cybersecurity has become a major issue for individuals, businesses, and government agencies, with hardly a day going by without disclosure of another data breach. According to CNBC, a key component of the new strategy is putting the burden of protection on Big Tech, the segment best equipped to address security issues.

    “The president’s strategy fundamentally reimagines America’s cyber social contract,” Acting National Cyber Director Kemba Walden said during a press briefing on Wednesday. “It will rebalance the responsibility for managing cyber risk onto those who are most able to bear it.”

    Walden added, “the biggest, most capable and best-positioned actors in our digital ecosystem can and should shoulder a greater share of the burden for managing cyber risk and keeping us all safe.”

    The strategy document emphasizes the importance of the public and private sectors working together:

    The most capable and best-positioned actors in cyberspace must be better stewards of the digital ecosystem. Today, end users bear too great a burden for mitigating cyber risks. Individuals, small businesses, state and local governments, and infrastructure operators have limited resources and competing priorities, yet these actors’ choices can have a significant impact on our national cybersecurity. A single person’s momentary lapse in judgment, use of an outdated password, or errant click on a suspicious link should not have national security consequences. Our collective cyber resilience cannot rely on the constant vigilance of our smallest organizations and individual citizens.

    Instead, across both the public and private sectors, we must ask more of the most capable and best-positioned actors to make our digital ecosystem secure and resilient. In a free and interconnected society, protecting data and assuring the reliability of critical systems must be the responsibility of the owners and operators of the systems that hold our data and make our society function, as well as of the technology providers that build and service these systems. Government’s role is to protect its own systems; to ensure private entities, particularly critical infrastructure, are protecting their systems; and to carry out core governmental functions such as engaging in diplomacy, collecting intelligence, imposing economic costs, enforcing the law, and, conducting disruptive actions to counter cyber threats. Together, industry and government must drive effective and equitable collaboration to correct market failures, minimize the harms from cyber incidents to society’s most vulnerable, and defend our shared digital ecosystem.

    The National Cyber Strategy echoes sentiments voiced by Google, in which the company threw its support behind companies being held responsible for cybersecurity. Google also emphasized the need for companies to build systems that are fundamentally more secure — rather than offloading that burden on the average user.

  • Google Cloud May Be Vulnerable to Unnoticed Data Theft

    Google Cloud may be more vulnerable than its competitors to unnoticed data theft, thanks to logs that are not as helpful as they should be.

    Cybersecurity firm Mitiga analyzed Google Cloud’s online storage and found that the platform’s logging mechanism comes up woefully short in terms of providing useful information. This is especially concerning since these logs are used by security professionals and law enforcement to identify the scope of a potential breach.

    According to Mitiga, Google’s current logging system cannot effectively differentiate between a threat actor viewing data versus exfiltrating it:

    Even with the detailed logging constraint applied, Google logs events of reading Metadata of an object in a bucket the same way it logs events of downloading the exact same object. This lack of coverage means that when a threat actor downloads your data or, even worse, exfiltrates it to an external bucket, the only logs you would see will be the same as if the TA just viewed the metadata of the object.

    While this issue doesn’t inherently make Google Cloud any more insecure than the next cloud provider, it does mean that customers impacted by a data breach on Google Cloud may have a much harder time taking the appropriate investigative action.

    Mitiga reached out to Google Cloud and received the following response:

    “The Mitiga blog highlights how Google’s Cloud Storage logging can be improved upon for forensics analysis in an exfiltration scenario with multiple organizations. We appreciate Mitiga’s feedback, and although we don’t consider it a vulnerability, have provided mitigation recommendations.”

  • Google Workspace Finishes Client-Side Encryption Rollout

    Google has taken a major step toward improving privacy and security for Workspace users, rolling out client-side encryption (CSE).

    CSE is an integral part of a complete security approach since it ensures that only the owner can decrypt and view their own data. Google already deployed CSE for Drive, Docs, Slides, Sheets, and Meet last year, but is now finishing the rollout by bringing it to Gmail and Calendar.

    Writing in a blog post, Google Workspace Director of Product Management Andy Wen and Product Manager Ganesh Chilakapati outline how CSE complements the privacy and security features already present in Workspace:

    Workspace already encrypts data at rest and in transit by using secure-by-design cryptographic libraries. Client-side encryption takes this encryption capability to the next level by ensuring that customers have sole control over their encryption keys — and thus complete control over all access to their data. Starting today, users can send and receive emails or create meeting events with internal colleagues and external parties, knowing that their sensitive data (including inline images and attachments) has been encrypted before it reaches Google servers.

    Remaining compliant with various regulations is a key benefit of CSE:

    Users can continue to collaborate across other essential apps in Google Workspace while IT and security teams can ensure that sensitive data stays compliant with regulations. As customers retain control over the encryption keys and the identity management service to access those keys, sensitive data is indecipherable to Google and other external entities.

    The rollout of CSE could help Google make significant headway, especially in those markets that require heightened security:

    “We have been searching for the capability to guarantee that our encrypted communications remain inaccessible to third-parties, including our technology providers, for some time. Google appears to be uniquely positioned with client-side encryption in providing us with complete control over our sensitive data, ensuring that we remain compliant as an organization in the ever changing world of data regulation. These features now being available across Google Workspace represent a pivotal moment for us. We’re enthusiastic about the ability to continue to benefit from the efficiency in working that Workspace provides us with, whilst at the same time maintaining trust with our customers that their confidential data will stay private and compliant,” said Shaun Bookham, UK Operations & Technology Director at PwC.

  • GoDaddy Suffered Multi-Year Breach, Malware Installed On Servers

    GoDaddy has informed customers it suffered a multi-year breach, one that involved hackers installing malware on its servers.

    GoDaddy said it started receiving complaints from customers in December 2022. Some customers reported their websites intermittently redirecting to other domains. The company investigated, but the issue was difficult to prove since it appeared to be happening randomly across its customer base.

    Ultimately, the company realized it had been hacked and malware was responsible for the unusual behavior:

    As our investigation continued, we discovered that an unauthorized third party had gained access to servers in our cPanel shared hosting environment and installed malware causing the intermittent redirection of customer websites. Once we confirmed the intrusion, we remediated the situation and implemented security measures in an effort to prevent future infections.

    In the company’s 10-K filing, it acknowledged the breach was the result of a multi-year campaign against it:

    Based on our investigation, we believe these incidents are part of a multi-year campaign by a sophisticated threat actor group that, among other things, installed malware on our systems and obtained pieces of code related to some services within GoDaddy.

    GoDaddy says it is applying the lessons it has learned from this breach in an effort to improve security. The company also says “these incidents as well as other cyber threats and attacks have not resulted in any material adverse impact to our business.”

    Despite its assurances, it’s a safe bet many customers will likely start migrating away from GoDaddy to more secure hosting services, something that will likely have a major impact on its business.

  • Microsoft Is Working on Comprehensive SaaS Security

    Microsoft is working to improve SaaS security, shifting “to a comprehensive SaaS security solution.”

    Software as a service is an increasingly important part of the remote and hybrid workplace, and is only growing in popularity. Unfortunately, properly securing SaaS applications can be a logistical nightmare. In fact, citing research from BetterCloud, Microsoft points to the 59% of security professionals who struggle to manage SaaS security.

    Microsoft believes the key lies in protecting data within cloud apps, rather than just focusing on cloud access security. The company has expanded the scope of its Defender for Cloud Apps to help provide that layer of security.

    Today, we are excited to announce that Defender for Cloud Apps is extending its SSPM capabilities to some of the most critical apps organizations use today, including Microsoft 365, Salesforce, ServiceNow, Okta, GitHub, and more.

    Another important component of Defender for Cloud Apps is the ability to help personnel research configuration best practices for SaaS app security.

    To streamline this process, Defender for Cloud Apps launched SSPM in June 2022 to surface misconfigurations and provide recommendations to strengthen an app’s posture.

    In preview starting today, Defender for Cloud Apps now provides security posture management for Microsoft 365, Salesforce, ServiceNow, Okta, GitHub, and more. Not only are we expanding the breadth of app coverage but also the depth of assessments and capabilities for each application.

    The tight integration within Microsoft 365 Defender will give organizations security across the full scope of their operations.

    That’s why Defender for Cloud Apps is natively integrated into Microsoft 365 Defender. The XDR technology correlates signals from the Microsoft Defender suite across endpoints, identities, email, and SaaS apps to provide incident-level detection, investigation, and powerful response capabilities like automatic attack disruption. The integration of SaaS security into an XDR experience gives SOC teams full kill chain visibility and improves operational efficiency with better prioritization and shorter response times to ultimately protect the organization more effectively.

  • Google Cloud & Health-ISAC Partner to Bolster Healthcare Cybersecurity

    Google Cloud and Health-ISAC have announced a partnership aimed at helping the healthcare industry bolster cybersecurity.

    Like many industries, healthcare has been hard-hit by cybersecurity threats, with ransomware attacks shutting down hospitals and compromising operations. Google Cloud and Health-ISAC (Health Information Sharing and Analysis Center) are working together to “help Health-ISAC members discover threats more rapidly” and “also assist in evicting malicious actors from their infrastructure.”

    Today, we’re announcing the general availability of our next investment in this community. Working with the Health-ISAC Threat Operations Center, Google Cloud security engineers developed an open sourced integration that connects the Health-ISAC Indicator Threat Sharing (HITS) feed directly with Google Cloud’s Chronicle Security Operations information and event management. HITS allows Health-ISAC members to easily connect and quickly share cyber threat intelligence through machine-to-machine automation.

    “The integration of Health-ISAC’s threat feed with Chronicle Security Operations is exciting to see,” said Errol Weiss, Health-ISAC’s chief security officer. “Our members can now ingest Health-ISAC’s Signature Threat Feed of member-to-member shared threat indicators into Chronicle, and use that information to help automation and threat analyst decisions when protecting critical network infrastructure.”

  • Red Hat Signs Partnership to Bring RHEL to Oracle Cloud

    Red Hat has signed a major partnership with Oracle to bring Red Hat Enterprise Linux to Oracle Cloud Infrastructure.

    Red Hat is a leading Linux and open source company, with its RHEL being one of the most popular enterprise Linux offerings and the backbone of the company’s hybrid cloud tech. The expanded partnership with Oracle will see RHEL running as a supported operating system on OCI.

    “Starting today, customers can deploy Red Hat Enterprise Linux on OCI and receive full support for these certified configurations from both Red Hat and Oracle,” said Clay Magouyrk, executive vice president, Oracle Cloud Infrastructure. “Deepening our collaboration in the future will see us support additional products and workloads on OCI so customers have more flexibility.”

    The two companies clearly see a chance to capitalize on their combined popularity.

    Ninety percent of the Fortune 500 currently rely on Red Hat and Oracle solutions. For many of these companies, Red Hat Enterprise Linux serves as their operating system foundation and OCI offers them high-performing, mission-critical cloud services, to power digital-forward operations. Now these organizations are able to standardize their cloud operations with Red Hat Enterprise Linux running on OCI, which enables customers to gain a common platform that stretches from their datacenter to the OCI distributed cloud.

    “Customer choice, from hardware to cloud provider, is a crucial commitment for Red Hat, whether these organizations are running operations in their own datacenters, on multiple public clouds or at the far edge,” said Ashesh Badani, senior vice president, head of Products, Red Hat. “Our collaboration with Oracle to deliver full support for Red Hat Enterprise Linux on OCI further cements this commitment to choice by extending cloud deployment options for our customers, and laying the foundation to make additional Red Hat solutions available to customers digitally transforming on OCI.”

    The deal is a big win for Red Hat and its parent company IBM, as well as for Linux in general.

  • Google Expands Access to End-to-End Encryption in Gmail

    Google is rolling out end-to-end encryption (E2EE) for Gmail, expanding access to the beta for eligible customers.

    E2EE is an important security feature that ensures even Google can’t read a person’s email when it resides on their servers. Google announced the change in a blog post:

    We’re expanding customer access to client-side encryption in Gmail on the web. Google Workspace Enterprise Plus, Education Plus, and Education Standard customers are eligible to apply for the beta until January 20th, 2023.

    Using client-side encryption in Gmail ensures sensitive data in the email body and attachments are indecipherable to Google servers. Customers retain control over encryption keys and the identity service to access those keys.

    E2EE is the gold standard for encryption and security, and it’s nice to see Google expanding access to it.

  • Microsoft Bans Crypto Mining On Its Cloud Platform

    Microsoft has updated its Universal License Terms for Online Services to prohibit crypto mining on its cloud platform.

    Cloud platforms are popular options for crypto mining, but the practice is not without its challenges and risks. Microsoft has deemed those risks too great to allow mining on its cloud platform.

    The company included the following note in its Summary of Changes:

    Updated Acceptable Use Policy to clarify that mining cryptocurrency is prohibited without prior Microsoft approval.

    The company didn’t elaborate, but provided the following statement to The Register:

    “Crypto currency mining can cause disruption or even impairment to Online Services and its users and can often be linked to cyber fraud and abuse attacks such as unauthorized access to and use of customer resources.

    “We made this change to further protect our customers and mitigate the risk of disrupting or impairing services in the Microsoft Cloud.”

  • Dropbox Acquiring Boxcryptor Assets to Enable End-to-End Encryption

    Dropbox has announced a deal to acquire assets from Boxcryptor in an effort to bring end-to-end encryption to its service.

    Dropbox is one of the most popular cloud storage services, but it doesn’t have end-to-end encryption like Tresorit and other more security-conscious services. Dropbox is looking to change that by acquiring assets from Boxcryptor. Boxcryptor is an independent service that helps users encrypt their files across a range of cloud services, adding an extra layer of security.

    Dropbox announced the deal in a blog post:

    Today, we’re excited to share that we’ve signed an agreement to acquire several key assets from Boxcryptor, a provider of end-to-end “zero-knowledge” encryption for cloud storage services. The combination of Boxcryptor’s leading encryption capabilities and Dropbox’s easy-to-use product, with our already robust security features, will help us better meet our customers’ evolving needs.

    The only downside to Dropbox’s plans is that it seems Boxcryptor’s features will only be available to business users:

    We plan to embed Boxcryptor’s capabilities natively within Dropbox for our business users on our paid plans, adding an additional layer of security by encrypting files locally on their devices prior to syncing their content to Dropbox.

    Despite the limitation, Dropbox’s announcement is good news for security-minded customers.

  • Rackspace Hosted Exchange Hit by ‘Security Incident’

    Rackspace is dealing with a “security incident” involving its Hosted Exchange service, prompting the company to shut the service down.

    Rackspace first became aware of the issue on Friday, December 2. The company acknowledged the issue on its incident report page:

    On Friday, Dec 2, 2022, we became aware of an issue impacting our Hosted Exchange environment. We proactively powered down and disconnected the Hosted Exchange environment while we triaged to understand the extent and the severity of the impact. After further analysis, we have determined that this is a security incident.

    The company updated its report Sunday, saying it was working on the problem but customers should consider using Microsoft 365 in the meantime:

    We continue to make progress in addressing the incident. The availability of your service and security of your data is of high importance. We have committed extensive internal resources and engaged world-class external expertise in our efforts to minimize negative impacts to customers. We will continue to report our progress and update you as we have more information that we can share.

    In order to best protect the environment, this will continue to be an extended outage of Hosted Exchange. At this time, moving to Microsoft 365 is the best solution for customers, and we highly encourage affected customers to move to this platform. Since our last update, we have been able to successfully restore email services to thousands of customers on Microsoft 365.

  • AWS Unveils ‘AWS Digital Sovereignty Pledge’

    AWS is unveiling its latest initiative designed to help it remain the cloud leader: the AWS Digital Sovereignty Pledge.

    Digital sovereignty is an increasingly important aspect of cloud computing, as countries and jurisdictions endeavor to legislate privacy, security, and other online concerns. AWS has always strongly supported digital sovereignty, being the first major cloud provider to give customers the ability to control where their data was hosted, as well as how and where it moved.

    The company is doubling down on that track record with its AWS Digital Sovereignty Pledge, giving customers the most powerful tools available for managing digital sovereignty.

    “Our approach to delivering on this pledge is to continue to make the AWS Cloud sovereign-by-design—as it has been from day one,” writes Matt Garman, Senior Vice President of AWS Sales, Marketing and Global Services. “Early in our history, we received a lot of input from customers in industries like financial services and healthcare—customers who are among the most security- and data privacy-conscious organizations in the world—about what data protection features and controls they would need to use the cloud.”

    The company is applying this “sovereign-by-design” approach in several key areas:

    • Control over data location
    • Verifiable data access control
    • Everything, everywhere encryption
    • Cloud resilience

    “At AWS, earning customer trust is the foundation of our business. We understand that protecting customer data is key to achieving this,” Garman continues. “We also know that trust must continue to be earned through transparency. We are transparent about how our services process and transfer data. We will continue to challenge requests for customer data from law enforcement and government agencies. We provide guidance, compliance evidence, and contractual commitments so that our customers can use AWS services to meet compliance and regulatory requirements. We commit to continuing to provide the transparency and business flexibility needed to meet evolving privacy and sovereignty laws.”

  • Cloudflare Launches Adaptive DDoS Protection

    Cloudflare has launched its latest weapon in the war to protect the internet from bad actors: Adaptive DDoS Protection.

    Cloudflare is one of the leading content delivery networks (CDN) and has long been at the forefront of cybersecurity and DDoS protection, helping to thwart some of the biggest attacks in history.

    As part of its ongoing efforts to improve security, Cloudflare has introduced Adaptive DDoS Protection. The new feature coexists with the company’s existing DDoS protection tools but goes a step further by learning a customer’s traffic patterns and using that information to add an extra layer of protection.

    “The Adaptive DDoS Protection system creates a traffic profile by looking at a customer’s maximal rates of traffic every day, for the past seven days,” writes Omer Yoachimik, Product Manager / Cloudflare’s DDoS Protection Service. “The profiles are recalculated every day using the past seven-day history. We then store the maximal traffic rates seen for every predefined dimension value. Every profile uses one dimension and these dimensions include the source country of the request, the country where the Cloudflare data center that received the IP packet is located, user agent, IP protocol, destination ports and more.”

    The new feature works out of the box, automatically creating the profiles it needs to function. Customers can then tweak the sensitivity rules, as well as what actions are taken in response.

    “Adaptive DDoS Protection complements the existing DDoS protection systems which leverages dynamic fingerprinting to detect and mitigate DDoS attacks,” Yoachimik adds. “The two work in tandem to protect our customers from DDoS attacks. When Cloudflare customers onboard a new Internet property to Cloudflare, the dynamic fingerprinting protects them automatically and out of the box — without requiring any user action. Once the Adaptive DDoS Protection learns their legitimate traffic patterns and creates a profile, users can turn it on to provide an extra layer of protection.”

    Cloudflare’s goal is nothing short of ending the threat DDoS attacks pose, and its latest feature is a major step in that direction.
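A minimal sketch of the profiling idea quoted above, as an added example that is not Cloudflare's code: for a single dimension (here, source country) it keeps the maximal rate seen per dimension value over the past seven days, then flags current traffic that exceeds that maximum. The function names, the sample rates, the `sensitivity` multiplier and the floor applied to never-seen values are all assumptions.

```python
from collections import defaultdict

WINDOW_DAYS = 7  # the article states profiles use the past seven days


def build_profile(daily_peaks, today):
    """Return {dimension_value: maximal rate} for the 7 days before `today`.

    daily_peaks: iterable of (day_index, dimension_value, peak_rps) tuples
    for one dimension. Calling this once per day with a new `today`
    models the daily recalculation described in the article.
    """
    profile = defaultdict(float)
    for day, value, peak_rps in daily_peaks:
        if today - WINDOW_DAYS <= day < today:
            profile[value] = max(profile[value], peak_rps)
    return dict(profile)


def evaluate(profile, current_rates, sensitivity=1.5, unseen_floor=100.0):
    """Flag dimension values whose current rate exceeds the profiled maximum.

    Assumed rule (not a Cloudflare setting): flag when
    rate > max(profiled_max, unseen_floor) * sensitivity.
    The floor keeps a value with no history from being flagged by
    a trickle of traffic while still catching a sudden flood.
    """
    flagged = {}
    for value, rate in current_rates.items():
        baseline = max(profile.get(value, 0.0), unseen_floor)
        if rate > baseline * sensitivity:
            flagged[value] = (rate, baseline)
    return flagged


# Constructed sample data: peak requests/second per source country per day.
SAMPLE_PEAKS = [
    (0, "US", 900.0),  # falls out of the window once today == 8
    (1, "US", 400.0), (2, "US", 520.0), (5, "US", 480.0),
    (1, "DE", 120.0), (4, "DE", 150.0), (7, "DE", 90.0),
]
# Constructed current rates; "ZZ" stands for a country never seen before.
SAMPLE_NOW = {"US": 600.0, "DE": 400.0, "BR": 90.0, "ZZ": 2000.0}

if __name__ == "__main__":
    profile = build_profile(SAMPLE_PEAKS, today=8)
    print("profile:", profile)
    for value, (rate, baseline) in evaluate(profile, SAMPLE_NOW).items():
        print(f"flag {value}: {rate} rps vs profiled baseline {baseline}")
```

Lowering `sensitivity` flags smaller deviations at the cost of more false positives on legitimate bursts, which is the trade-off behind the adjustable sensitivity the article mentions.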

  • Twitter Whistleblower Lends Weight to Elon Musk’s Claims

    Peiter Zatko, who served as Twitter’s head of cybersecurity, has filed a complaint with federal agencies and bolstered Elon Musk’s claims.

    Zatko is the famous and well-respected hacker who goes by the handle “Mudge.” He served as Twitter’s cybersecurity head from late 2020, when he was hired by then-CEO Jack Dorsey, until he was fired by the current CEO at the beginning of 2022. According to The Washington Post, he claims the company and CEO Parag Agrawal are intentionally misleading investors and regulators about the state of its security and its issues with spam bots.

    “Agrawal’s Tweets and Twitter’s previous blog posts misleadingly imply that Twitter employs proactive, sophisticated systems to measure and block spam bots,” the complaint says. “The reality: mostly outdated, unmonitored, simple scripts plus overworked, inefficient, understaffed, and reactive human teams.”

    That statement, as well as the complaint in general, will certainly bolster Elon Musk’s case against Twitter. The tech mogul is trying to back out of his deal to purchase the social media company based on his belief the company is not being truthful about the scope of its spam bot issues. He also claims the company has misled investors.

    Zatko also claims to have found multiple instances where Twitter was in violation of a 2011 settlement with the FTC, failing to implement security measures and properly protect users, as it had been ordered to do. While Twitter claims to have complied with its obligations, the sheer number of security breaches the company has faced — not to mention the ease with which the breaches occurred — lends weight to Zatko’s claims.

    “If all of that is true, I don’t think there’s any doubt that there are order violations,” David C. Vladeck told the Post in an interview. Vladeck is now a Georgetown Law professor but previously served as director of the FTC’s bureau of consumer protection when the settlement was reached in 2011. “It is possible that the kinds of problems that Twitter faced eleven years ago are still running through the company.”

    The complaint alleges Twitter has exceptionally poor security policies in place, policies that leave the company, its intellectual property, and its customers vulnerable to bad actors. Roughly 30% of the company’s laptops allegedly would not automatically update software to receive the latest security fixes. Even worse, Zatko says thousands of laptops had full copies of Twitter’s source code on them, a scenario that is a dream come true for hackers. Why waste time trying to penetrate a carefully secured and protected programming repository when stealing one of the thousands of available laptops will yield the same result?

    “It’s near-incredible that for something of that scale there would not be a development test environment separate from production and there would not be a more controlled source-code management process,” Tony Sager, former chief operating officer at the cyberdefense wing of the National Security Agency, told the Post. “Almost any attack scenario is fair game and probably easily executed.”

    The Post interviewed more than a dozen current and former employees for context. While some did say the company deployed extensive measures to fight spam, many agreed with much of Zatko’s complaint regarding the general state of security and dysfunction within the company.

    For his part, Zatko sees blowing the whistle on Twitter as the final step in completing the job he was hired to do.

    “This would never be my first step, but I believe I am still fulfilling my obligation to Jack and to users of the platform,” Zatko said. “I want to finish the job Jack brought me in for, which is to improve the place.”

  • Google Cloud Blocked the Largest Ever DDoS Attack

    Google Cloud has blocked the largest ever DDoS attack, one that peaked at 46 million requests per second (rps).

    Google Cloud provides its customers with its Cloud Armor service, designed to protect against web attacks, including DDoS attempts. According to the company, one of its cloud customers using Cloud Armor experienced the largest ever DDoS attack on June 1. The attack hit 46 million rps, 76% more than the previous record. As Google points out, that is the equivalent of all of Wikipedia’s daily requests in the span of 10 seconds.

    According to the company, Cloud Armor was a smashing success, helping the customer stay online despite the scale of the attack.

    Cloud Armor Adaptive Protection was able to detect and analyze the traffic early in the attack lifecycle. Cloud Armor alerted the customer with a recommended protective rule which was then deployed before the attack ramped up to its full magnitude. Cloud Armor blocked the attack ensuring the customer’s service stayed online and continued serving their end-users.

    Google’s service was able to identify the attack early on, giving the customer the time and opportunity to take the necessary steps to prevent it from crippling their operation.

    The attack was stopped at the edge of Google’s network, with the malicious requests blocked upstream from the customer’s application. Before the attack started, the customer had already configured Adaptive Protection in their relevant Cloud Armor security policy to learn and establish a baseline model of the normal traffic patterns for their service.

    As a result, Adaptive Protection was able to detect the DDoS attack early in its life cycle, analyze its incoming traffic, and generate an alert with a recommended protective rule–all before the attack ramped up. The customer acted on the alert by deploying the recommended rule leveraging Cloud Armor’s recently launched rate limiting capability to throttle the attack traffic. They chose the ‘throttle’ action over a ‘deny’ action in order to reduce chance of impact on legitimate traffic while severely limiting the attack capability by dropping most of the attack volume at Google’s network edge.

    Google is currently the third-largest cloud provider. Success stories like this, however, should help the company score additional gains.

  • ServiceNow CEO Says Cloud Computing Is Century’s ‘Pervasive Computing Theme’

    ServiceNow CEO Bill McDermott has called cloud computing the “pervasive computing theme of the 21st century.”

    The cloud computing market is experiencing major growth, due in no small part to the pandemic and the rise of hybrid work. All three of the top providers are experiencing major growth, with no signs of it slowing down. According to McDermott, cloud computing’s success is because of its “pervasive” and transformative nature.

    “It simplifies everything. Everything’s on the mobile. Everything’s beautiful and easy to use,” McDermott told Yahoo Finance.

    “It’s one platform that can single thread business across an entire enterprise, all functions of the business. So, it is a great unifier in a sense, because some people have very powerful Chief Information Officers, others have Chief Digital Officers, others have Chief People officers, others have these wonderful data managers,” McDermott added. “But to have one platform, that single thread, all of those powerful relationships to deliver great experiences is super exciting to us.”

    While the economic downturn has many companies hedging their bets and cutting costs, McDermott believes the cloud computing market can continue growing, buoyed by companies’ digital first strategies.

    “Ninety-five percent of CEOs have a digital first strategy. So, they’re leaning in to digital transformation. Because it’s the only way out. On one hand, it’s software as the great deflationary force,” McDermott said. “On another hand, if you can’t transform and recreate your business model, and innovate digitally, you lose the game. So, CEOs are very well aware of this. So, that tailwind is super strong.”

    McDermott’s predictions are good news for the cloud market and underscore the opportunities available to cloud providers.

  • Beginner’s Guide to the Benefits of Cloud Security

    With over 45% of US companies having experienced a data breach in the last 12 months, cybercrime affecting individuals and businesses across the globe is increasing at an alarming rate. While data leaks from breaches may seem like an easily resolvable problem, they actually contribute to numerous bankruptcy filings, with 60% of small businesses that suffer a leak going bankrupt within the following year.

    With alarming statistics like these, it’s no wonder that more companies are turning toward updating their online security systems. The first line of defense when it comes to data protection and keeping systems safe is cloud security.

    In this article, we’ll be exploring exactly what cloud security is, demonstrating its benefits, and clarifying why your business should be moving to cloud security tools. Let’s get right into it.

    What Exactly is Cloud Security?

    Cloud security is the move of security services away from on-site premises and into the remote cloud. Instead of keeping huge repositories of security protocols in your own building, businesses can turn to cloud security to get efficient coverage wherever they are.

    By moving to cloud security, you no longer need all the room for server storage, with the tools and software provided by this online form of security directly linking into your systems. These third-party data centers are often much cheaper to run than in-house data centers, saving your business money while also offering an unmatched level of security support.

    Going beyond this, cloud security is a very generalist term, acting as an umbrella for many types of cybersecurity. Everything from data center security and c to network security and detection and mitigation tools are included in this holistic practice. In short, it’s a comprehensive form of digital security for your business.

    What are the Advantages of Cloud Security?

    When it comes to cloud security, a large part of what makes this system so useful for modern businesses is how convenient and accessible it is. Around 20 years ago, to create a strong cyber defense for your company, you would have to designate large portions of your buildings to server storage space, also then paying someone to look after the servers and set up security protocols.

    Nowadays, by navigating to a cloud security agency, you’re able to select the cyber defense plan that you want and instantly get access to your business. Going beyond just the convenience of this service, there are a range of benefits to using cloud security:

    ●  Scalable

    ●  24/7 Support

    ●  DDoS Protection

    ●  Advanced Threat Detection

    Let’s break these down further.

    Scalable

    When it comes to in-house security, if you need to scale your security defenses, then you have to increase your server capacity, buy more hardware, and potentially even hire more management staff. On the other hand, if you need to increase your security when working with a cloud supplier, you simply click on a different package.

    As you can click through different personalized plans, you’ll always be able to find the very best cloud security package for your business. With this, scalability is made something simple and easy. Instead of having to plan months in advance, all you need to do if you want to boost your defense is to access your cloud supplier’s webpage and increase the scope of your plan.

    Cloud security services make scalability easier than ever.

    24/7 Support

    Another benefit of cloud security is that whenever you need to get in contact with support, you will be able to do so. Instead of an in-house team that has set working hours, cloud security offers 24/7 support, allowing you to get in contact with someone whenever you need to.

    Whether you have a particular problem that you need to sort out or you simply need advice or additional support, you’ll only need to get in contact with your security supplier. This around-the-clock supervision also means that your company is protected at all hours of the day, not just during daylight working hours.

    DDoS Protection

    20% of businesses that have over 50 employees have suffered a DDoS attack within the past 12 months, demonstrating how common this occurrence is. With additional layers of support and their own defenses, cloud security services are much harder to DDoS. Due to the much larger server base, they are much less vulnerable to DDoS attacks, making your business, in turn, less vulnerable.

    With their built-in redundancies and advanced security tools, they’ll prevent attacks and keep your business as safe as possible.

    Advanced Threat Detection

    As cloud security businesses only exist for that one function, all of their time and budget is poured back into the security protocols. Continually developing their defenses to cover every inch of the MITRE ATT&CK framework and more, they create a comprehensive level of defense.

    From neutralization to detection, every single aspect of this process is covered by a cloud security service, helping to keep your business as safe as can be. It will also cover all of your attack surfaces, helping you with everything from stopping ransomware emails to blocking any data penetration attempts.

    This is really only the beginning, with cloud security providing an incredibly advanced level of security for your whole business. No matter what individual packages or specific security protocols you need, you’ll be able to find a cloud security partner that has it all.

    Final Thoughts

    In an age where the digital threat from hackers is higher than ever, it’s only natural that more and more businesses are turning towards modern methods of protection, mitigation, and defense. As a customizable, scalable, convenient, and comprehensive digital security system, cloud security is one of the most all-encompassing cyber defenses that you can invest in.

    With continual updates, around-the-clock support, and the ability to scale your security services at a moment’s notice, cloud security is the mobile tool that all modern businesses should be looking towards.