
The Five Hidden Cloud Risks

Driven by the promise of increased efficiency, scalability, and speed of innovation, cloud computing has become an integral part of modern business operations. The shift has been so monumental that 95% of new workloads in 2025 are predicted to be deployed in the cloud. However, this transition also introduces new security risks that must be carefully managed to protect sensitive data and maintain operational integrity.

Misconceptions About Cloud Security

In short, cloud services facilitate the rapid scaling of resources to meet fluctuating demands. Organizations can easily adjust their infrastructure to accommodate growth or changes in demand. This agility supports faster deployment of new applications and services, allowing businesses to respond more quickly to opportunities. Additionally, cloud platforms offer native integration with the latest technology, such as artificial intelligence and machine learning, which can drive innovation and competitive advantage.


It is a common misconception that the benefits of the cloud extend to cybersecurity. While cloud providers have invested heavily in security technologies that can be consumed directly through their platforms, the risk of a data breach is still present. To fully benefit from the advantages of the cloud, organizations must address the security risks.

 

Top Five Hidden Cloud Risks

Some of the hardest risks to mitigate in the cloud include lack of visibility, misconfigurations, unsecured APIs, zero-day vulnerabilities, and lack of encryption. Unfortunately, cloud security maturity lags behind other cybersecurity practices: 43% of organizations are either in the early stages of implementing practices to secure their cloud environments or have not yet started. Below we explore the security challenges and strategies for mitigating them.

Lack of Visibility

Earlier this year it was reported that 64% of organizations have multi-cloud environments. As enterprises deploy services across different providers, they create complex, interconnected IT environments. This complexity can lead to a lack of visibility, making it difficult to identify and address security vulnerabilities.


In 2023, Toyota unknowingly exposed the personal and vehicle data of 2.15 million customers for nearly a decade due to a lack of visibility into their cloud environment. The exposure was due to a cloud bucket that could be accessed directly from the internet. Without centralized visibility, Toyota was unable to effectively audit their environment and assess risks.


To prevent similar events, a Toyota representative stated that they would “introduce a system to audit the cloud settings, conduct a setting survey of the cloud environment, and continuously monitor the setting status.”


By implementing centralized monitoring for all cloud resources, organizations gain comprehensive visibility of their cloud assets. Organizations should set up alerts for unusual or exposed cloud assets so that they can quickly detect and respond to potential threats.

Misconfigurations

One of the most common security risks in cloud environments is misconfiguration. Misconfigurations occur when cloud resources are improperly configured, leading to vulnerabilities that attackers can exploit. They can involve anything from open ports and default credentials to improper access controls and insecure storage settings.


In 2022, educational publisher McGraw Hill experienced significant data exposure due to a misconfigured AWS S3 bucket. This misconfiguration led to the exposure of 22 terabytes of data, including sensitive student information, digital keys, and source code, which had been accessible since 2015.


Misconfigurations can easily occur. Without regular configuration audits of their cloud environments, organizations may be exposing a wide range of sensitive data and applications. Continuous validation of cloud configurations across all environments is necessary to adequately detect and remediate misconfigurations.
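As an added example (not code from the original article), the following offline check shows the kind of rule a configuration audit or exposed-asset alert can run: it flags S3 bucket policies that allow any principal without a condition. The inventory format (bucket name mapped to policy JSON), the bucket names, the account ID and the policies are constructed assumptions.

```python
import json

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _is_wildcard(principal):
    # "*" or {"AWS": "*"} means the statement applies to anyone.
    if principal == "*":
        return True
    if isinstance(principal, dict):
        return any("*" in _as_list(v) for v in principal.values())
    return False

def public_statements(policy_json):
    """Return Allow statements open to any principal with no Condition."""
    findings = []
    for stmt in _as_list(json.loads(policy_json).get("Statement", [])):
        if stmt.get("Effect") != "Allow" or not _is_wildcard(stmt.get("Principal")):
            continue
        if stmt.get("Condition"):
            continue  # conditionally restricted; this check leaves it for manual review
        findings.append({"sid": stmt.get("Sid", "<no Sid>"),
                         "actions": _as_list(stmt.get("Action", []))})
    return findings

def audit(inventory):
    """Map each exposed bucket name to its offending statements."""
    report = {name: public_statements(doc) for name, doc in inventory.items()}
    return {name: hits for name, hits in report.items() if hits}

def _policy(*statements):
    return json.dumps({"Version": "2012-10-17", "Statement": list(statements)})

# Constructed sample inventory (bucket names, account ID and policies are made up).
SAMPLE = {
    "example-public-assets": _policy(
        {"Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
         "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-public-assets/*"}),
    "example-internal-reports": _policy(
        {"Sid": "TeamRead", "Effect": "Allow",
         "Principal": {"AWS": "arn:aws:iam::111122223333:root"},
         "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-internal-reports/*"}),
    "example-partner-drop": _policy(
        {"Sid": "PartnerIp", "Effect": "Allow", "Principal": {"AWS": "*"},
         "Action": ["s3:GetObject", "s3:PutObject"],
         "Resource": "arn:aws:s3:::example-partner-drop/*",
         "Condition": {"IpAddress": {"aws:SourceIp": "203.0.113.0/24"}}}),
}
```

Calling `audit(SAMPLE)` reports only `example-public-assets`. Bucket ACLs and account-level public access block settings also affect exposure and are outside this check.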

Unsecured APIs

APIs are essential for communication and data exchange between cloud applications, but unsecured APIs can be a major attack vector. Vulnerabilities in APIs, such as weak authentication, improper access controls, and data exposure, can be exploited by attackers to gain unauthorized access to cloud resources.


The Optus data breach in 2022 was caused by an unsecured and publicly accessible API that did not require authentication. The API endpoint had been intended for Optus customer use in accessing their own account data, but a coding error essentially allowed attackers to cycle through URL numbers and pull up customer information without authentication. This breach compromised the records of approximately 10 million customers.


APIs can be secured by implementing strong authentication and authorization mechanisms, rate limiting, and other controls. It is important to regularly scan and test APIs for vulnerabilities to ensure they are secure.
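The controls listed above, shown as an added example that is not from the original article or from any real API: a lookup handler that returns a record to anyone who supplies an ID, next to a version that rate limits, authenticates, and checks that the caller owns the record. The account store, session tokens, function names and limits are hypothetical.

```python
import time

# Constructed sample data: account records keyed by sequential numeric ID.
ACCOUNTS = {1001: {"owner": "alice", "email": "alice@example.com"},
            1002: {"owner": "bob", "email": "bob@example.com"}}
# Constructed session store mapping bearer tokens to users.
SESSIONS = {"token-alice": "alice", "token-bob": "bob"}

def get_account_unprotected(account_id):
    """The flawed pattern: any caller who supplies an ID gets the record."""
    record = ACCOUNTS.get(account_id)
    return (200, record) if record else (404, None)

class RateLimiter:
    """Fixed-window limiter: at most `limit` requests per `window` seconds per key."""
    def __init__(self, limit, window):
        self.limit, self.window, self.hits = limit, window, {}

    def allow(self, key, now=None):
        now = time.monotonic() if now is None else now
        start, count = self.hits.get(key, (now, 0))
        if now - start >= self.window:
            start, count = now, 0  # window expired, start a new one
        self.hits[key] = (start, count + 1)
        return count + 1 <= self.limit

def get_account(account_id, token, client_ip, limiter, now=None):
    """Hardened handler: rate limit, authenticate, then authorize per object."""
    if not limiter.allow(client_ip, now):
        return (429, None)
    user = SESSIONS.get(token)
    if user is None:
        return (401, None)
    record = ACCOUNTS.get(account_id)
    # Same response for "missing" and "not yours" so IDs cannot be probed for existence.
    if record is None or record["owner"] != user:
        return (404, None)
    return (200, record)
```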

Zero-Day Vulnerabilities

Zero-day vulnerabilities are security flaws that are unknown to the vendor and have no available patches. Attackers exploit these vulnerabilities before they are discovered and fixed, posing significant risks to cloud environments, which are exposed to the internet. When new zero-days are discovered, security teams have to act quickly to apply fixes.


The challenge is compounded by the size of the organization’s cloud infrastructure, which makes it difficult to identify all vulnerable systems. When it was discovered that a vulnerability in MOVEit, a file transfer service, was being actively exploited by threat actors, it took enterprises months to find and patch all impacted systems. The result was new compromises being disclosed long after the threat was known.


"In the cloud, your security perimeter is as vast as the services you use. Without continuous monitoring, you're giving attackers a playground to find and exploit vulnerabilities."

Arpit Borawake, Hacker at Hadrian

 

Organizations need to maintain an up-to-date inventory of cloud services so that they can quickly locate vulnerable systems for remediation. Being able to test and validate whether the vulnerability is exploitable dramatically changes the response speed required.

Lack of Encryption

The lack of encryption in cloud environments presents significant security risks, allowing unauthorized individuals to access sensitive data if they manage to infiltrate the system. This can lead to security vulnerabilities, data breaches, and compliance issues.


In 2018, Marriott International disclosed a data breach that affected approximately 500 million customers. The breach involved unauthorized access to the Starwood guest reservation database, which contained sensitive information such as names, addresses, phone numbers, and passport numbers. While encryption was in place for payment card data, other personal data was not adequately protected.


To mitigate the risk of unencrypted data being exposed, organizations should enable encryption in their AWS S3, Google Cloud Storage, and Microsoft Azure Blob Storage. Regular security audits should be performed to identify and address gaps in encryption practices.

Securing the Cloud

Cloud computing offers numerous operational benefits, but it also introduces a range of security risks that organizations must address. By implementing best practices and leveraging continuous auditing tools, organizations can mitigate the risks posed by lack of visibility, misconfigurations, unsecured APIs, zero-day vulnerabilities, and lack of encryption. Easily audit your cloud environments with Hadrian’s automated offensive security.


In conclusion, while the cloud offers transformative benefits that can drive business growth and innovation, it also brings a range of security risks that must be diligently managed. By understanding and addressing these risks, organizations can fully leverage the advantages of cloud computing while maintaining robust security and compliance.
