Intelligent CISO Issue 76 | Page 16

LATEST intelligence

CLOUD ACCOUNT COMPROMISE AND TAKEOVER

Fast Facts
Description
Cloud account compromise is the act of maliciously gaining control over a legitimate user's cloud-based email or collaboration service account – giving the attacker wide-ranging access to data, contacts, calendar entries, email and other system tools. Beyond the compromised user's data, the attacker can use the account to impersonate the user in social engineering attacks such as business email compromise (BEC) and more, both inside and outside of the organisation. Threat actors can access sensitive data, persuade users or outside business partners to wire money or damage an organisation's reputation and finances. They can also install backdoors to maintain access for future attacks.
Types
• Credential theft – attackers exploit weak passwords, poor security systems and reused passwords from other sites to hack into systems.
• Malicious OAuth apps – use OAuth token phishing and app impersonation to manipulate account owners into delegating permissions for accessing system resources.
• Insider threats – credential loss created by negligence or malicious intent.
• Malware – malicious software installed in systems can go unnoticed for long periods of time. Such malware can steal credentials and communicate with the attacker.
Tools of the trade
• Phishing attacks, including OAuth token phishing.
• Brute-force attacks that automate credential guessing, such as Aircrack-ng and John the Ripper.
• Credential recycling or stuffing, which uses already stolen username and password pairs.
• Malware, including keyloggers and credential stealers such as PunkeyPOS and Spyrix.
Risk factors
• Using shadow IT or cloud applications and services without approval from the IT department.
• Poor email and cloud security monitoring tools.
• Credential sharing among employees or with outside partners.
• Low user awareness of good security practices and common phishing techniques.