Security News > 2021 > January > CISA Warns Organizations About Attacks on Cloud Services
In light of successful cyberattacks targeting organizations' cloud services, the U.S. Cybersecurity and Infrastructure Security Agency has published a series of recommendations on how businesses can improve their cloud security.
The attacks observed by CISA exploit poor cyber hygiene practices within cloud services configurations, and the agency says the activity is not tied to a specific threat actor or the recent SolarWinds attack.
Thus, the recommended mitigations apply to all organizations looking to ensure their cloud services are better protected from cyberattacks.
CISA notes that the recommendations are based on CISA incident response engagements and that the observed attacks frequently involved telework that leveraged a mixture of corporate laptops and personal devices for access to cloud services.
"Despite the use of security tools, affected organizations typically had weak cyber hygiene practices that allowed threat actors to conduct successful attacks," CISA notes.
To mitigate cyberattacks targeting their cloud services, organizations are advised to implement conditional access policies, establish a baseline for normal network activity, review logs, enforce MFA, review user-created email forwarding rules and alerts, establish a mitigation plan, secure privileged access, prohibit personal devices at work, audit email rules, ensure users consent only to app integrations that have been pre-approved, and adopt a zero-trust mindset.
News URL
Related news
- CISA tags Microsoft .NET and Apache OFBiz bugs as exploited in attacks (source)
- CISA orders agencies to patch Linux kernel bug exploited in attacks (source)
- CISA Flags Craft CMS Vulnerability CVE-2025-23209 Amid Active Attacks (source)
- CISA flags Craft CMS code injection flaw as exploited in attacks (source)
- FatalRAT Phishing Attacks Target APAC Industries Using Chinese Cloud Services (source)