I read an article from CSA that they rank service traffic hijacking as the #3 threat to cloud-services. Why is it worse for the user if an attacker hijacks its service traffic on cloud? What new exploits can the attacker take advantage of in a cloud-service compared to before? I had a hard time phrasing this question so if anything is unclear please ask.
Asked
Active
Viewed 715 times
1 Answers
0
I don't think that the impacts of account or service hijacking are necessarily worse when using cloud providers, but that does depend on what you're doing in the cloud. Because you're using a service provider instead of hosting the application yourself you can sometimes incur unexpected usage charges due to fraud (i.e. someone charging a bunch of server time to do bitcoin mining). If you don't catch the fraudulent use in time it can cost you thousands of dollars.
Due to the urgency some providers have had to quickly deploy solutions and start making money they don't all make security a priority. That can result in bugs or architecture flaws that make vulnerabilities easier to find. Again, this isn't unique to cloud applications, when compared to internal applications, but attackers may have more incentive to find a vulnerability in a system with a lot of customers instead of a system used by a single customer.
It's also possible that by moving applications to a cloud provider you are exposing data or services that were previously better protected inside your organization's network. While attacks against internal systems do happen, they tend to be less frequent and more difficult for an outsider to carry out. The added accessibility of a cloud-based system may make it easier for an attacker to obtain credentials and carry out theft or fraud.
PwdRsch
- 8,341
- 1
- 28
- 35