What You Really Need to Know About Cloud Security
Cloud security breaches aren't necessarily headline news, but there's a good reason for that: Cybercriminals don't always view the cloud as the target of an attack, but often as a resource to launch an attack.
Mon, June 18, 2012
CIO — Despite all of the hand-wringing over cloud security, major cloud security breaches haven't been grabbing headlines. The past year has seen major breaches, such as the ones that hit Sony and Epsilon, but there has been little emphasis on the cloud itself being a weakness.
Cloud providers, such as Dropbox and Google, have had their issues, but the major cloud-related problems have involved outages, not data being breached.
That doesn't mean that cloud-invested businesses can breathe easily. "Attacks that work now work so well that you don't have to come up with a new, complex attack methodology," says Chris Eng, vice president of research for Veracode, a provider of cloud-based application security testing services. "Cyber-criminals aren't going to spend a lot of time to come up with a new zero-day attack if they can just use the same old SQL injection attacks that have worked for years."
Hackers Set Sights on Cloud, But Not as a Target
One troubling trend uncovered in the Sony breach is that hackers view the cloud not necessarily as a target, but as a resource. Hackers used stolen credit cards to rent Amazon EC2 servers and launch the crippling attack on Sony.
"Everything the cloud offers to legitimate businesses it offers to criminals as well," says Scott Roberts, senior intelligence specialist at Vigilant, a security monitoring company. "It's becoming common for cyber-criminals to rent cloud infrastructure to set up spambots or to build out a malware command and control infrastructure. At $50 or $60 a month, attackers can take advantage of resources that a few years ago would be too difficult and too expensive to build on their own."
Add cheap infrastructure to low-cost, automated malware kits, botnets that can be rented for a single attack and the ability to outsource such things as the decoding of CAPTCHAs for spammers, and you have a toxic arsenal that can make even simpleton hackers highly dangerous.