Expert Comments On Nine Out Of Ten ‘Ethical’ Hackers Abuse Cloud Service Providers

Infosec pros and hackers regularly abuse cloud service providers to conduct reconnaissance and attacks, despite efforts by cloud providers to limit such activity. In a recent research paper titled “Cloud as an Attack Platform”, five boffins from Texas Tech University – Moitrayee Chatterjee, Prerit Datta, Faranak Abri, Akbar Siami-Namin, and Keith Jones – describe a series of interviews they conducted with computer security pros attending the Black Hat and DEF CON conferences. Of the 75 security professionals and hackers they spoke with as a part of a larger examination of attacker psychology, more than 93 per cent admitted to abusing cloud services to create attack environments and launch attacks.

Ali Qamar, Founder and Consumer Security Expert
InfoSec Expert
October 10, 2020 4:50 pm

Professional hackers mostly deploy common strategies for abusing a cloud platform by targeting its resource-efficient features to remain silent (yet stealthy) while probing a target device, discovering vulnerabilities, collecting victim data, and launching attacks.

Interestingly, those using cloud providers for offensive operations have an identical pattern. They communicate with VMs (Virtual Machines) securely by setting up a VPS (Virtual Private Server) or a multi-hop VPN (Virtual Private Network) and then load the VMs with cybersecurity tools like Metasploit, NMap, and Wireshark to conduct offensive acts.

Although IaaS (infrastructure-as-a-service) providers try to avoid this through Virtual Machine network quotas or tools built for securing accounts, like Amazon Inspector and AWS GuardDuty, infosec professionals can still find their way around platform limitations.

So, cloud providers need to deal with all this abuse more effectively. One way to achieve that is to deploy better client identity verification via background checks. The availability of sites providing fake credit card numbers makes it effortless to create cloud accounts anonymously.

Chris Hauk, Consumer Privacy Champion
InfoSec Expert
June 18, 2020 11:36 am

The use of cloud service providers to conduct white hat reconnaissance and attacks indicates the need for increased monitoring by cloud service providers to detect such use by both the good and the bad guys. However, cloud service providers are walking a tightrope, as increased vigilance could negatively impact the usability of these services, perhaps having a negative impact on customer retention.
