question01-3

Honeypots Reveal How Hackers Might Attack Your Business’s Cloud-Based Systems

Frustrated businessman over demands of technology

When cloud services first entered the business scene, they were met with trepidation. One of the biggest concerns was security. Many business leaders believed that cloud-based solutions were not as secure their on-premises counterparts.

Nowadays, businesses have fully embraced the cloud. A 2018 report indicated that 96% of companies use at least one cloud service. Unfortunately, it is not uncommon for companies to set up cloud-based systems with little or no thought about security. This mindset could get companies into trouble, as cybercriminals are increasingly attacking cloud-based systems.

To learn more about the frequency and nature of these cyber attacks, security researchers at Armor conducted an experiment using honeypots. Honeypots are decoy computer systems designed to deceive and engage hackers. When operated in a research setting, honeypots are used to monitor hackers’ behaviours and learn their tactics.

The Experiment

The researchers set up three honeypots in a real public cloud. The first honeypot, decoy server A, did not have any security protections enabled and was included to establish a baseline for the attacks. The second honeypot, decoy server B, was protected using the firewall offered by the cloud service provider. This basic setup is common among small and midsized businesses, according to the researchers. The last honeypot, decoy server C, was protected with advanced security tools, such as intrusion detection and vulnerability scanning systems.

On the front end, the researchers built a website and patient portal for a fictitious small doctor’s office. The site and portal were fully operational. Even links to Facebook, Twitter, and LinkedIn accounts were added to make the site seem real.

The Results

The cyberattacks started just minutes after the honeypots were activated, according to the researchers. Initially, there was a steady stream of attacks, but later the number of attacks skyrocketed after a hacker posted a note about the “new target” on Pastebin, a site where hackers often share information about their exploits. Overall, decoy server A was attacked around 2,500 times per week. Decoy servers B and C became hacker targets an average of 563 and 509 times per week, respectively.

The hackers typically tried to access the decoy servers through SSH ports (usually port 22, which is the default SSH listening port) using brute-force authentication attacks. In this type of attack, cybercriminals typically use password-cracking tools to ascertain login credentials. These automated tools systematically try every possible character combination as a password.

The Takeaway

Cloud service providers institute many security measures to protect their customers’ server instances and the apps and data on them. However, as the results of the honeypot experiment illustrate, it is a good idea for businesses to take additional measures, such as:

  • Set up a firewall
  • Use public-key authentication rather than password-based authentication for SSH ports since hackers commonly use brute-force authentication attacks to try to crack SSH passwords
  • Keep all operating system software and applications running on your service instances up to date so that known security vulnerabilities are patched
  • Use strong, unique passwords for all apps and systems that use password-based authentication
  • Encrypt the data in case hackers infiltrate the server instances on which it is stored.

The specific measures that your business should take will depend on several factors, such as the types of apps and data you have in the cloud. We can walk you through your options and help you implement the measures that make the most sense for your company.

Get the most from your IT

As service providers to more than 300 companies, the dedicated professionals at MicroAge are second to none when it comes to managed services. By improving efficiency, cutting costs and reducing downtime, we can help you achieve your business goals!

Most commented posts

Advantages of IT Staffing Services for Your Business

Competent and trustworthy staff are the key to any successful business, but it can be difficult at times to find the right professionals suited for…

Read More
digital transformation numerique

Digital Transformation – Now or Never

Digital transformation has been a buzzword for years and every year, pundits declared that this was the year of digital transformation.  IDC predicted in late 2018…

Read More
Multi factor authentication

Everything You Should Know About Multi-Factor Authentication (MFA)

Most of us only use five or fewer passwords for all the applications and services we use. That includes both work related and personal apps…

Read More

Find Out What Data Microsoft Is Saving about You

If you use Windows 10 and have a Microsoft account, you can easily see the types of data that Microsoft has stored about you. Learn where you can find this data and how to delete it.

Read More
IT plan and budget informatique

4 Tips for Your IT Plan and Budget

With the business world going digital, today’s organizations need a strong IT framework and dedicated personnel. However, the fluidity of the IT landscape can present…

Read More