Google Cloud Platform (GCP) has recently been discovered as vulnerable to data breaches. Mitiga researchers found out that hackers were able to easily access data stored on GCP storage buckets as the differentiating-log details are not enabled by default. This means that the same description is used for all kinds of access and activity, such as reading a file, downloading a file, or copying a file to an external resource. This makes it difficult to detect or trace any malicious activity.
The GCP Security team was made aware of the issue and have taken steps to address the security deficiency. On March 1st, Google found that no exfiltration had been detected in the audit and have since implemented ways to mitigate and detect insufficient audit logging. This includes improving log-forensics, and they have also taken advantage of the features offered by AWS, such as CloudWatch logs and the ability to add permissions to users and groups based on assigned roles.
It is important to keep in mind that GCP is vulnerable to data breaches and that measures need to be taken in order to protect data stored on the platform. To prevent any malicious activity, organizations need to enable differentiating-log details and regularly audit their systems. Additionally, they should take advantage of the features offered by AWS, such as CloudWatch logs, to add additional layers of security to their systems.
In conclusion, GCP has been identified as vulnerable to data breaches due to the lack of differentiating-log details. The GCP Security team has taken steps to mitigate and detect any malicious activity and organizations should take advantage of the features offered by AWS to further protect their systems. By enabling differentiating-log details, regularly auditing their systems, and taking advantage of AWS features, organizations can ensure their data is secure.
