Software and application developers often use cloud tunnels as a quick and easy way to share their work by temporarily exposing local systems. Because these tunnels bypass restrictions on access to the corporate network, they allow attackers to penetrate the developer’s OS.
What is the risk
With access to the developer’s computer, cybercriminals can use local administrator privileges to distribute malware. They will also use captured credentials to infiltrate the organization’s cloud development environment or other systems, potentially to gain access to sensitive information or to inject vulnerabilities into application source code and pipelines. Such intrusions are difficult to detect because the associated network activity looks legitimate given the developer’s privileges.
How to protect yourself
Companies should configure their security systems to filter outgoing traffic in the same way they filter incoming traffic. Since developers are likely to look for workarounds if cloud tunnels are banned outright, it is important to develop a clear security policy that defines which cloud tunnel use cases the organization considers acceptable. And instead of several separate cloud tunnels, enterprises should authorize only one tunnel, restricted to the organization and not open to the general network.
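One way to check outgoing traffic against a single-authorized-tunnel policy is shown below. It is an added example, not code from the original article. The tunnel-service suffixes, the sanctioned name `tunnel.corp.example`, and the four-field log format are all assumptions to replace with your own.

```python
from collections import defaultdict

# Assumption: illustrative public tunnel-service suffixes; maintain your own list.
TUNNEL_SUFFIXES = {"ngrok.io", "ngrok-free.app", "trycloudflare.com",
                   "loca.lt", "devtunnels.ms"}
# Assumption: hypothetical name of the single authorized, organization-only tunnel.
SANCTIONED_SUFFIXES = {"tunnel.corp.example"}


def matches(fqdn, suffixes):
    """True if fqdn equals a suffix or is a subdomain of it (label boundary)."""
    name = fqdn.lower().rstrip(".")
    return any(name == s or name.endswith("." + s) for s in suffixes)


def classify(fqdn):
    """Label a destination as sanctioned, unsanctioned_tunnel, or other."""
    if matches(fqdn, SANCTIONED_SUFFIXES):
        return "sanctioned"
    if matches(fqdn, TUNNEL_SUFFIXES):
        return "unsanctioned_tunnel"
    return "other"


def review(log_lines):
    """Return {source_host: sorted unsanctioned tunnel destinations}."""
    findings = defaultdict(set)
    for line in log_lines:
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed records instead of guessing fields
        _ts, src, dst, _action = parts
        if classify(dst) == "unsanctioned_tunnel":
            findings[src].add(dst.lower().rstrip("."))
    return {src: sorted(dsts) for src, dsts in findings.items()}


# Constructed sample records: timestamp, source host, destination FQDN, proxy action.
SAMPLE_LOG = [
    "2024-05-01T09:12:03Z dev-ws-17 a1b2c3.ngrok-free.app ALLOW",
    "2024-05-01T09:12:09Z dev-ws-17 api.github.com ALLOW",
    "2024-05-01T09:13:40Z dev-ws-22 demo.tunnel.corp.example ALLOW",
    "2024-05-01T09:14:02Z dev-ws-22 notngrok.io ALLOW",
    "2024-05-01T09:15:27Z dev-ws-31 Quick-Fox.TryCloudflare.com. ALLOW",
    "truncated record",
]

if __name__ == "__main__":
    for src, dsts in review(SAMPLE_LOG).items():
        print(src, "->", ", ".join(dsts))
```

Matching on label boundaries keeps a lookalike such as `notngrok.io` from being flagged, and the same classification can drive a block rule on the egress proxy once the policy is agreed.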