With the increasing reliance on cloud computing in critical infrastructure sectors, policymakers face the pressing need to address the growing vulnerabilities in these sectors, as outlined in a report by The Digital Forensic Research Lab (DFRLab) at the Atlantic Council.
The report delves into the risks associated with cloud compromises and outages, underscoring the importance of addressing systemic risks linked to the adoption of cloud technology. Additionally, it emphasises the necessity of revising policies to recognise the crucial role played by cloud computing in maintaining the integrity of critical systems.
Examining cloud adoption in key sectors like healthcare, transportation, energy, defense, and financial services, the research sheds light on the detrimental consequences of the 2020 Sunburst hack. This incident involved malicious actors exploiting cloud products, specifically targeting Microsoft Azure's Identity and Access Management services.
To mitigate such risks, the report proposes a range of reforms, including the establishment of a dedicated cloud management office and the creation of a task force dedicated to protecting cloud infrastructure. These measures are crucial steps toward safeguarding critical infrastructure sectors reliant on cloud computing.