Expert Comments On Nine Out Of Ten ‘Ethical’ Hackers Abuse Cloud Service Providers

Infosec pros and hackers regularly abuse cloud service providers to conduct reconnaissance and attacks, despite efforts by cloud providers to limit such activity. In a recent research paper titled “Cloud as an Attack Platform”, five boffins from Texas Tech University – Moitrayee Chatterjee, Prerit Datta, Faranak Abri, Akbar Siami-Namin, and Keith Jones – describe a series of interviews they conducted with computer security pros attending the Black Hat and DEF CON conferences. Of the 75 security professionals and hackers they spoke with as a part of a larger examination of attacker psychology, more than 93 per cent admitted to abusing cloud services to create attack environments and launch attacks.

Expert Comments

October 10, 2020
Ali Qamar
Founder and Consumer Security Expert
PrivacySavvy
Professional hackers mostly deploy common strategies for abusing a cloud platform by targeting its resource-efficient features to remain silent (yet stealthy) while probing a target device, discovering vulnerabilities, collecting victim data, and launching attacks. Interestingly, those using cloud providers for offensive operations have an identical pattern. They communicate with VMs (Virtual Machines) securely by setting up a VPS (Virtual Private Server) or a multi-hop VPN (Virtual Private Network) and then load VMs with cybersecurity tools like Metasploit, Nmap, and Wireshark to conduct offensive acts. Although IaaS (infrastructure-as-a-service) providers try avoiding this through Virtual Machine network quotas or tools built for securing accounts like Amazon Inspector and AWS GuardDuty, infosec professionals can still find their way around platform limitations. So, cloud providers need to deal with all this abuse more effectively. One way to achieve that is to deploy better client identity verification via background checks. The availability of sites providing fake credit card numbers makes it effortless to create cloud accounts anonymously.
June 18, 2020
Chris Hauk
Consumer Privacy Champion
Pixel Privacy
The use of cloud service providers to conduct white hat reconnaissance and attacks indicates the need for increased monitoring by cloud service providers to detect such use by both the good and the bad guys. However, cloud service providers are walking a tightrope, as increased vigilance could negatively impact the usability of these services, perhaps having a negative impact on customer retention.