Skip to main content

Cloud misconfiguration continues to pose a huge threat

(Image credit: Image source: Shutterstock/deepadesigns)

Cloud misconfigurations continue to pose an enormous threat to businesses everywhere, with millions of dollars in damages and brand reputation at stake.

This is according to a new report from Palo Alto Networks (opens in new tab), whose cybersecurity research arm (Unit 42) recently discovered two critical Amazon Web Services (AWS) misconfigurations (opens in new tab) in a customer’s environment.

According to the company’s report, the flaws had the potential to bring about a "multi-million-dollar data breach”.

Speaking to SDX Central (opens in new tab) on the topic, the company’s CSO of Public Cloud, Matt Chiodi, said that the finding was not an isolated incident, but rather a common occurrence.

“We found thousands upon thousands of other accounts that were susceptible to the same type of identity misconfigurations (opens in new tab). So, we know this isn’t just an isolated problem. This is a widespread problem in the cloud,” he explained.

In these particular cases, however, Chiodi said the misconfigurations were injected by the customer itself, by mistake. The good news is that the flaw doesn’t seem to have been exploited in the wild.

The misconfiguration was related to the IAM role trust policy “AssumeRole” which, if exploited, could allow an attacker access to sensitive resources. As a consequence, the attacker could launch denial-of-service attacks, distribute malware or advanced persistent threats (APT).

Chiodi also said the researchers managed to move laterally throughout the target company, escalating their privilege and gaining admin access to the entire cloud environment.

These misconfigurations can be abused in a number of ways, so Chiodi advises businesses to focus on improving and strengthening the defense of their cloud infrastructure.

Sead Fadilpašić
Sead Fadilpašić

Sead Fadilpašić is a freelance tech writer and journalist with more than 17 years experience writing technology-focussed news, blogs, whitepapers, reviews, and ebooks. And his work has featured in online media outlets from all over the world, including Al Jazeera Balkans (where he was a Multimedia Journalist), Crypto News, TechRadar Pro, and IT Pro Portal, where he has written news and features for over five years. Sead's experience also includes writing for inbound marketing, where he creates technology-based content for clients from London to Singapore. Sead is a HubSpot-certified content creator.