The US Department of Homeland Security (DHS) is currently investigating the threat of cyberattacks against cloud computing environments [1], with a specific focus on improving identity management and authentication [2]. This investigation was prompted by a major attack on Microsoft’s Azure cloud infrastructure in July 2023, which compromised numerous public sector agencies and private companies [1]. The lack of clarity in responsibilities for securing cloud environments and communicating between vendors and customers has become a significant issue [1], leading to serious ramifications in real-world cyberattacks [1]. The government’s involvement in the investigation is seen as a way to shift more security burden from customers to vendors and ensure a common defense against cybersecurity threats [1].

Description

The US Department of Homeland Security’s Cyber Safety Review Board is conducting a review of cloud cyber security [2], with a particular emphasis on strengthening identity management and authentication in the cloud [3]. This review was prompted by the Microsoft Exchange Online incident in July 2023 [3], where emails were stolen from the U.S. State Department and other government agencies [4]. The Cyber Safety Review Board [1] [2] [3] [4], consisting of experts from industry and government [3], aims to address widespread cybersecurity issues [2], especially those related to cloud-based identity and authentication infrastructure [1] [2]. The board has previously conducted reviews on Log4j vulnerabilities and the Lapsus$ attacks [3], highlighting the collective failure to address risks associated with using text messaging and voice calls for multi-factor authentication [3].

The Federal Trade Commission is also currently reviewing the business practices of cloud providers and their impact on security [4]. Concerns have been raised about how cloud providers manage security services and whether customers should have to pay extra for security [4]. Microsoft [1] [2] [3] [4], in particular, has faced criticism for not making security logs available to customers unless they paid additional fees [4], but has since agreed to provide them for free [4].

Conclusion

The investigation by the Department of Homeland Security and the ongoing review by the Cyber Safety Review Board have the potential to address widespread cybersecurity issues, particularly those related to cloud-based identity and authentication infrastructure [1] [2]. The aim is to enhance data security and cyber resilience, contributing to advancing cybersecurity best practices in cloud environments [3]. The government’s involvement in the investigation is expected to shift more security burden from customers to vendors and ensure a common defense against cybersecurity threats [1]. The Federal Trade Commission’s review of cloud providers’ business practices will also play a crucial role in determining the impact of these practices on security. Overall, these efforts are crucial for understanding the vulnerabilities of cloud technology and mitigating risks for critical systems such as e-commerce platforms and communication tools [3].

References

[1] https://www.darkreading.com/cloud/microsoft-cloud-woes-inspire-dhs-security-review
[2] https://www.technewsworld.com/story/new-us-initiatives-aim-to-better-defend-against-cyberattacks-178534.html
[3] https://www.computerweekly.com/news/366548173/US-Cyber-Board-to-probe-cloud-security-after-latest-Exchange-hack
[4] https://www.cybersecuritydive.com/news/microsoft-cloud-security-federal-cyber-review/690773/