Organizations could be at risk of data exfiltration due to Google Cloud Platform's inadequate forensic visibility into its storage logs, reports The Hacker News.
Such an attack could occur should threat actors be able to successfully compromise organizations' Google Cloud Platform environments through social engineering intrusions, according to a report from Mitiga.
Possible file access and read events are being grouped by Google Cloud Platform's storage access logs into a lone "Object Get" activity, resulting in insufficient transparency, which could enable concealed data harvesting.
"The same event is used for a wide variety of types of access, including: Reading a file, downloading a file, copying a file to an external server, [and] reading the metadata of the file," said Mitiga researcher Veronica Marinov.
Mitigations have since been offered by Google to resolve the issue, including the use of Virtual Private Cloud Service Controls and the utilization of organization restriction headers for cloud resource requests.