How Can We Stop Cloud Jacking of SaaS Accounts?

How Can We Stop Cloud Jacking of SaaS Accounts?

The cloud has gone from a new concept to business as usual over the last decade. Cloud use makes sense for companies for a number of reasons, especially since the lockdowns of the pandemic.

Working in the cloud allows businesses and their employees to work from anywhere and greatly improves a company’s business continuity and disaster preparedness.

But this transition to the cloud has not gone unnoticed by cybercriminals. They’ve stepped up attacks of company Software as a Service (SaaS) accounts considerably because that’s now where the data is located. 

Attacks on cloud accounts increased 630% in 2020.

These attacks on cloud accounts have a name, they’re called “Cloud Jacking,” and they’re largely done through the use of hacked or otherwise compromised login credentials.

What Can Happen When a Cloud Account is Hijacked?

Cloud jacking involves a hacker being able to log into a company account as a user and gain access to the data and processes in that system.

For example, if a hacker manages to hijack a QuickBooks Online account it can result in them gaining access to banking information, sensitive customer files, and employee social security numbers from the payroll area. 

Cloud jacking can result in several different types of attacks, all of which means a costly cybersecurity incident for a company to deal with. The potential threats include:

  • Sending phishing emails to your staff or customers from your email domain
  • Stealing sensitive data to sell on the Dark Web
  • Changing security settings to allow for persistent attacks
  • Releasing ransomware or another type of malware
  • Deleting your data
  • Changing user permissions
  • Adding new users
  • Accessing conversations, emails, and anything else stored in the application

The rise of cloud use and attacks on cloud accounts makes cloud app security one of the most important considerations for any company’s IT security strategy.

Tips for Keeping Your Cloud Accounts Secure

Every Cloud Login Should Use Multi-Factor Authentication

Multi-factor authentication (MFA) is one of the most powerful safeguards you can put on your cloud accounts. It keeps a hacker that has a user password from being able to log in as that user.

MFA can stop 99.9% of fraudulent sign-in attempts because most of the time the hacker won’t have access to the device that receives the MFA code.

Remember that ransomware attack on Colonial Pipeline? The point of entry into the company’s network was an unused VPN account that did not have MFA enabled.

Practice Strong Password Security

In addition to MFA, you should also have users practice good password security. This includes employing multiple tactics to strengthen credentials, so they are less likely to be guessed or cracked with software.

Some of the best practices for strong password security are:

  • Using a password that is at least 7-10 characters long
  • Including at least one number
  • Including at least one symbol
  • Using both upper-case and lower-case letters
  • Using unique passwords for every login
  • Keeping passwords stored securely (e.g., in a password manager)

Deploy Anti-Phishing Safeguards

Theft of login credentials has become the main goal of phishing attacks and password theft accounts for 77% of all cloud account breaches.

Part of cloud security is reducing the risk that a user will accidentally click on a phishing email, be taken to a spoofed login form, and enter their login, unwittingly giving their credentials to the attacker.

Anti-phishing safeguards include:

  • Use of email filtering for spam and phishing
  • Use of DNS filtering to block malicious websites
  • Use of a strong antivirus/anti-malware to detect threats
  • Use of email authentication on your mail server to reduce email spoofing 

Use a Cloud Application Security Broker (CASB)

CASB’s, such as Microsoft Cloud App Security, help companies secure multiple SaaS accounts. Often, companies have so many cloud accounts with varying security settings that they are vulnerable to cloud jacking on any number of different cloud apps.

A cloud app security broker allows companies to:

  • Monitor and manage device access to the cloud environment
  • Block unauthorized devices from accessing cloud assets
  • Monitor cloud accounts for threats
  • Review potential security and compliance risks of new cloud apps

Get a Professional to Configure Your Cloud Security Settings

Misconfiguration is the #1 reason for cloud account breaches and cloud jacking. Companies often leave cloud tools at default settings, which can leave them vulnerable to a breach.

It’s important to have an IT professional, like Unity IT, help you set up your cloud security settings to ensure your accounts are fully protected and that you are deploying consistent security policies across all your various cloud accounts. 

Get a Cloud Security Check to Ensure Your Accounts Aren’t at Risk

Unity IT can provide your Fresno area business with an expert review of your cloud security and help you configure settings that make sense for users and keep your accounts from being hijacked.

Contact us today to schedule a technology consultation at 559-297-1007 or reach out online.