Microsoft Azure’s Vulnerability Discovery — and Best Practices for Azure Security
A vulnerability is an oversight or weakness in a cloud’s security measures. Cybercriminals can exploit vulnerabilities to gain unauthorized access to corporate accounts.
Let’s go over a vulnerability that recently occurred in Microsoft Azure along with some helpful security measures you can take when using the platform.
Microsoft Azure Vulnerability
Azure is a public cloud platform by Microsoft. In 2021, the cloud security startup Wiz discovered a significant vulnerability in the platform. According to the Wiz research team, this vulnerability potentially left thousands of Azure customers exposed for a two-year period.
The vulnerability occurred in Azure Cosmos DB, a fully managed NoSQL database for modern application development. Any user could manipulate, download, or delete an extensive collection of commercial databases. The vulnerability also provided read-write access to Cosmos DB’s underlying architecture. Wiz named the vulnerability “#ChaosDB.”
Azure Jupyter Notebook
In 2019, Microsoft introduced Jupyter Notebook — an open-source, interactive computing software — to Cosmos DB. The company promoted this feature as an advanced visualization tool for data stored in Cosmos DB. Microsoft automatically enabled Jupyter Notebook for all Cosmos DB platforms in 2021, the year the vulnerability came to light. However, Wiz thinks the vulnerability could stretch back to its initial launch in 2019.
Wiz believes a series of misconfigurations in Jupyter Notebook allowed attackers to access customers’ Cosmos DB primary digital keys. Hackers could write, read, delete, and steal a key’s entire database.
Thankfully, Microsoft was able to resolve the issue within 48 hours of Wiz’s report. Since Microsoft couldn’t change customers’ primary access keys, it instructed them to change keys manually to mitigate their exposure to #ChaosDB. Microsoft paid Wiz $40,000 for calling its attention to the vulnerability.
Microsoft Azure Best Practices
Here are some of the best Microsoft Azure security practices to follow according to Microsoft:
- Employ two-step verification. Microsoft recommends enforcing multifactor verification for all Azure users. That includes administrators, financial officers, and any other users in your organization who will be significantly affected if their accounts are compromised.
- Manage and monitor passwords. Microsoft advises users to ensure proper password protection in the cloud, monitor suspicious account activity, and identify and remediate high-risk passwords.
- Receive incident notifications. Microsoft suggests establishing incident notifications for compromised Azure resources. Security teams that receive these alerts can quickly respond and remediate potential security threats.
Learn More About Agio’s Managed Azure Services Today
At Agio, we offer specialized services to help your business keep up with Microsoft Azure security. Whether you partially or fully host your backup environment in the public cloud, our team can ensure a smooth, hassle-free transition.
We’ll help you augment your current servers with Azure-based infrastructure, then harden this infrastructure to minimize your vulnerability to malicious activity. Get in touch to learn more about our managed Azure services!
Connect with us.
Need a solution? Want to partner with us? Please complete the fields below to connect with a member of our team.