https://www.theregister.com/2020/06/17/cloud_services_hacking/
By Thomas Claburn in San Francisco
The Register
17 June 2020
Infosec pros and hackers regularly abuse cloud service providers to conduct
reconnaissance and attacks, despite efforts by cloud providers to limit such
activity.
In a recent research paper titled "Cloud as an Attack Platform" [PDF], five
boffins from Texas Tech University – Moitrayee Chatterjee, Prerit Datta,
Faranak Abri, Akbar Siami-Namin, and Keith Jones – describe a series of
interviews they conducted with computer security pros attending the Black Hat
and DEF CON conferences.
Of the 75 security professionals and hackers they spoke with as a part of a
larger examination of attacker psychology, more than 93 per cent admitted to
abusing cloud services to create attack environments and launch attacks.
"We observed that these professional hackers often employ common strategies to
abuse the cloud platform for its resource-efficient features in order to remain
stealthy and silent while probing target machines, collecting victim data,
discovering vulnerabilities, and launching attacks," the paper explains.
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
