1. Beyond Sense
www.beyond-sense.com Written by Beyond-Sense team
Cloud computing is a fantastic innovation, making it
easier to collaborate, work and access our personal data
from anywhere in the world.
It is becoming the go-to method for backing up files and is
increasingly seen as the perfect solution to preventing
accidental data loss.
Most household names in IT offer cloud storage solutions,
Google, Amazon, as well as a host of specialist
companies and the sector grows every year. Cloud
computing does come with serious security risks that few
people are aware of, and even fewer prepare for.
Why hackers target cloud servers?
When stored in the cloud, your data becomes much more accessible to hackers. That doesn't mean it
necessarily becomes easier to steal, but the potential to do so increases dramatically. Hackers need only
one thing to be able to steal your data, an Internet connection to where it is stored. After that, it is simply a
test of their skills.
Everyone's home PC is connected to the Internet at some point during the day, so in theory, the risks
remain the same, whether you store your files on your own hard drive or on a cloud server. However,
hackers don't target individuals unless they have a very high profile, celebrities, politicians etc. What
hackers do like is to target big companies. Given the time and effort involved in hacking, it makes sense
to go for big scores and steal a lot of information. The more information stolen, the more likely it is that
hackers will find something of value to them. Depending on their motivation, that could be credit card
details, email dumps or, most worrying for private individuals, intimate pictures or potentially
embarrassing information.
What are the risks?
This makes cloud servers a prime target. We often back up our phones and laptops to the cloud without
realising it. Huge tracts of personal information about us are stored on a server we know nothing about.
Can you honestly say you are aware of the security plan of the company holding your data? Can you
even say you know who is storing your information? The main problem with cloud storage is that you are
handing responsibility for your pictures and files to someone else. That someone else is almost always a
large corporation whose primary goal is profit, not securing your data.
In many cases, they offer this service for free, in which case you need to consider this quote:
If you are not paying for it, you're not the customer; you're the product being sold.
Are you alone in your cloud?
Is your data safe when stored in the cloud?
2. A popular tactic used to steal data is to obtain your
password through phishing. Even the most careful
user can get fooled sometimes. A solution to
counter this is to use a cloud server that requires 2
Factor Authentication. This is a system where, as
well as a password, a second form of
authentication is used. A common example is
being required to decrypt an access code
encrypted with your PGP public key. Since a
hacker won't have access to your PGP private key,
your password is useless on its own.
Learn about how your phone and computer back
their files up. By understanding how it all works,
you will be aware of the potential security problems
posed by your own personal situation. There may
be something on your phone that you don't want
on a cloud server for example. You need to know
how to control what files your phone backs up so
you can prevent them appearing on malicious
websites.
Finally, never use a password for your cloud server account that you use on another website. If that
website is breached, the hackers now have the login details for your cloud server. No matter how
good the cloud server's security is, if hackers have your password, they can bypass it all.
How to secure your data
One way to 100% guarantee your data is safe
is to keep it on an external hard drive that is not
connected to the Internet (known as cold
storage). This is especially important when it
comes to compromising pictures or sensitive
information. Commercial cloud servers are
available to attack 24 hours a day. A single line
of poorly written code could provide hackers
with the exploit they need to steal all your files.
If you absolutely must use cloud storage,
consider encrypting your files. Then, even if
your files are stolen, they can't be accessed.
There is a huge range of free encryption
software available, particularly for private
users.
We often place our faith in large corporations and assume their security is first class, simply because they
are a large corporation. AT&T, Adobe and Yahoo have all been hacked. Size is no guarantee of security.
Celebrity users of Apple's iCloud service found this out the hard way in 2014 when hackers broke into the
iCloud servers and stole 500 private photos. These photos were then posted on 4chan imageboards
before going viral. Apple is among the largest companies in the world and yet it still failed to secure its
users data. However embarrassing this may have been for the celebrities involved, they are used to being
the centre of media attention. When this happens to an ordinary citizen, the impact is much more severe.
Once a photo has been leaked online, it cannot be undone. It can go viral in a matter of minutes.
In many cases, hackers will upload any kind of photo that is the least bit risque or embarrassing to sites
online that specialise in just that. It doesn't take long before they are downloaded and appear on porn
sites. As we have mentioned, it is next to impossible to have them removed.