Cloud security is taking a back seat to cloud enthusiasm

Credit: ID 20934463 © Suriyaphoto |

The ease with which cloud-based architectures facilitate third-party communications will make them a key security risk in coming years, security experts have warned as Australian firms rush headlong into the cloud without fully considering its implications.

Ever more-mature understanding of cloud platforms is seeing cybercriminals refining their strategies for attacking cloud-hosted data, security firm Trend Micro warned in laying down its vision of the security threatsfrom the coming decade.

Use of code injection attacks, such as deserialization bugs, cross-site scripting and SQL injection would be targeted at cloud providers and – due to the increasing use of third-party libraries in fast-moving agile development environments – see risk propagating across supply chains and managed service providers via compromised container components and libraries.

“As we enter a new decade, organisations of all industries and sizes will increasingly rely on third party software, open-source, and modern working practices to drive the digital innovation and growth they crave,” Trend Micro director and data scientist Dr Jon Oliver said in a statement.

“We predict that this fast growth and change will bring new risks of supply chain attacks. From the cloud layer all the way down to the home network, IT security leaders will need to reassess their cyber risk and protection strategy in 2020.”