1. In order to gain entry to your cloud storage, what does an attacker need?
2. Name at least two ways that an attacker can steal your credentials.
3. How can attackers gain access to your cloud storage without knowing
your login details?
4. Even with the strongest IT infrastructure, what is always the weakest
link in a system?
5. What are your thoughts on the security of cloud storage? Would you use it if
you owned a company? Is there any information that you would not like
stored in the cloud? Explain using at least 3-4 sentences.
1. In order to gain entry to cloud storage, an attacker typically needs the login credentials, such as a username and password, of the account owner.
2. Two ways that an attacker can steal credentials include phishing attacks, where they trick users into revealing their login information through fraudulent websites or emails, and malware, which can capture keystrokes or login information from infected devices.
3. Attackers can gain access to cloud storage without knowing login details by exploiting vulnerabilities in the cloud provider's infrastructure or through social engineering techniques to manipulate someone with authorized access to provide them with access.
4. The weakest link in a system is often the human element, including employees who may inadvertently disclose sensitive information or fall victim to social engineering attacks, as well as human errors or negligence in implementing security measures.
5. The security of cloud storage depends on a variety of factors, including the strength of encryption, the security practices of the cloud provider, and the user's own diligence in guarding their login information. If I owned a company, I would consider using cloud storage for certain types of information, but I would be cautious about the sensitivity of the data and assess the security measures in place. There may be certain highly sensitive or confidential information that I would prefer to store locally, rather than in the cloud, to have more control and reassurance over its security.