Microsoft Azure, the well-known cloud computing and database management platform from the creator of Windows, has been struggling for stability and security. In the past year, Azure clients have been subjected to malware and spyware attacks, cloud data compromise, and command and control breaches on their networks. Azure offers approximately 600 different services to its clients, including cloud computing, data storage, database management and organization, communication mechanisms, a content delivery network, and IoT functions. While Azure has been highly effective in offering cloud computing solutions to the healthcare and education industries, it has also been catering to major commercial clients like Twitter, CNET, and Verizon, which in turn indicates millions of dollars in capitalization.
However, in the past couple of years since the WannaCry ransomware attack, Azure has been at the center of malware and spyware hosting, which has targeted a number of its small-to-medium scale clients. While Azure claims to have a strict theft and malware detection system, a series of bugs has been constantly reported in its services, and these bugs have the potential to let it host malware and command and control infrastructure.
Attacks on Azure Services and Clients
Post-WannaCry, one of the most talked-about malware-hosting reports on Azure came in December 2018, when a malware called Capitalinstall targeted healthcare institutions using Azure services. The malware used Azure to deliver a payload consisting of infected files, which upon download breached data security on Azure and gathered the information available there. For healthcare institutions, such leaks of data to unknown cyber-assailants are a significant concern. The payloads were able to get past defenses because IT administrators handling Azure accounts inherently place blind trust in the IP address blocks used by Azure.
Then, in May this year, it was reported that a group of scammers posing as Microsoft Support Partners was trying to infect the systems of clients using Azure with malware. These support scammers were reported to be using paid search across different internet portals to target victims and lure them to their sites. Several scammers were also reported to be using remote access servicing of client systems to inject malware. However, after multiple reports from clients and several disclosures from anti-malware research teams across the globe, Microsoft itself stepped in and conducted raids to shut down such scammers.
And again last month, it was revealed that command and control type malware was hosted on the Azure cloud to inject malicious files into systems using Azure services and into any other computers working in the same network. Though Azure's threat detection was not able to stop or detect the malware, Windows Defender did recognize it as a potential danger during system scans. This was the reason system administrators were able to contain the dangers posed by this malware. However, it did reveal a possible flaw in the security and safety assurances of Azure.
Possible User Negligence Resulting in Data Breach on Azure
Azure or any other cloud data service account can also be exposed to malware hosting through negligence on the users' end. Here are some factors that users should keep in mind to ensure the safety and security of their Azure accounts and the systems in their network:
- Reduce the number of administrators who have complete access to Azure service accounts and their management. No matter how strong your server's firewall protection is, any rogue administrator with unrestricted access to your files can easily introduce malware using Azure as a payload delivery channel. Moreover, the fewer people who have access, the lower the possibility of human error and mismanagement.
- In case you or any of your colleagues are accessing Azure via Virtual Machine software, ensure that the virtual machine has endpoint protection and that the virtual machine is free of bugs or vulnerabilities.
- Ensure that every user in the network has enabled multi-factor authentication to log in to his/her individual Azure account.
- Do not allow users to log in from any external account that has a different domain than that of the administrative one.
- Have the administrators ensure that Azure identities and accounts are not used to log in to any third-party application by the users, as it could jeopardize cloud security.
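Two of the checks above (few administrators, no accounts from outside the administrative domain) can be run against an export of the subscription's role assignments. The following is an added example, not code from the original article: the sample data is constructed, and the `max_admins` threshold, the set of roles treated as privileged, and the helper names are assumptions.

```python
# Constructed sample shaped like `az role assignment list --all -o json`
# (only the fields used below); all names, domains and scopes are made up.
SAMPLE = [
    {"principalName": "alice@contoso.example", "principalType": "User",
     "roleDefinitionName": "Owner", "scope": "/subscriptions/SUB-ID"},
    {"principalName": "carol@contoso.example", "principalType": "User",
     "roleDefinitionName": "Owner", "scope": "/subscriptions/SUB-ID"},
    {"principalName": "dave@contoso.example", "principalType": "User",
     "roleDefinitionName": "User Access Administrator",
     "scope": "/subscriptions/SUB-ID"},
    {"principalName": "bob_partner.example#EXT#@contoso.onmicrosoft.com",
     "principalType": "User", "roleDefinitionName": "Contributor",
     "scope": "/subscriptions/SUB-ID/resourceGroups/web"},
    {"principalName": "erin@contoso.example", "principalType": "User",
     "roleDefinitionName": "Reader", "scope": "/subscriptions/SUB-ID"},
    {"principalName": "backup-job", "principalType": "ServicePrincipal",
     "roleDefinitionName": "Contributor", "scope": "/subscriptions/SUB-ID"},
]

# Built-in roles treated here as administrative (an assumption of this example).
PRIVILEGED = {"Owner", "Contributor", "User Access Administrator"}

def principal_domain(name):
    """Home domain of a user principal name, unwrapping guest (#EXT#) UPNs."""
    name = name.lower()
    if "#ext#" in name:
        # Guest UPN form: user_partner.example#EXT#@tenant.onmicrosoft.com
        return name.split("#ext#")[0].rsplit("_", 1)[-1]
    return name.rsplit("@", 1)[-1]

def audit(assignments, admin_domain, max_admins=2):
    """Flag users from other domains and an excessive number of admin users."""
    findings, admins = [], set()
    for a in assignments:
        if a.get("principalType") != "User":
            continue  # service principals and groups need their own review
        name, role = a.get("principalName", ""), a.get("roleDefinitionName", "")
        if role in PRIVILEGED:
            admins.add(name.lower())
        if principal_domain(name) != admin_domain.lower():
            findings.append(("external-domain", name, role))
    if len(admins) > max_admins:
        findings.append(("too-many-admins", len(admins), sorted(admins)))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE, "contoso.example"):
        print(finding)
```

Multi-factor authentication status is not part of a role assignment export, so that item of the checklist has to be verified separately.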
But, How to Protect Cloud Data
Cloud risks are quite complex to manage and mitigate. Since the data over the cloud is not physically saved on a disk, it becomes highly difficult to retrieve it or regain access to it in case of a breach. Every user or enterprise must keep confidential documents in physical form or on a separate cloud as a backup. It is necessary to ensure that such separate cloud backups are kept confidential and are accessible only by core enterprise members or by the data owner. Such backups go unnoticed, and since they are not frequently used for regular management and retrievals, the data in such backups is far less vulnerable than that stored in an Azure account.
Right Backup is one of the best choices you can make for taking advantage of a cloud storage service for data backup. This is one of the safest methods to keep your data saved in the cloud and access it from anywhere. Even in the worst case, where your device is affected by malware, the data is safe on the cloud. Right Backup is available for Windows, iOS, and Android. You can download the application on your computer and then set a scheduled time from the settings to take an automatic backup. This will save you from doing it manually every time and assure the safety of your data.
While Azure is effective in providing real-time cloud computing services, it is also a fact that it is quite vulnerable to malware infestations. As a user, one cannot wait until Azure's support teams and developers find a permanent patch for its vulnerabilities, and is required to take essential measures for his/her own data security. In such a scenario, it's better to use a tool like Right Backup, so that, even while dealing with malware hosting or a cloud data breach, your current work is not hampered and your research and files are not lost in their entirety.
If you feel that backing up crucial data is essential to counter hacking attempts, please share your views in the comments section and let us know of any incident where your systems may have been attacked by potential malware.