FYI...Data in the Cloud: Safer, but more attractive to Attackers
Nov 14, 2012 - Georgia Tech Information Security Center report - PDF (Pg.3): "Consider data storage in the cloud
. As security expertise is increasingly being located within cloud service providers, companies and their customers typically improve the overall security posture of their data. However, while improved virtualization infrastructure means that mass compromises are unlikely
, the growing trove of data concentrated in these cloud storage services will attract attackers
... In June, attackers compromised DDoS mitigation service CloudFlare by using flaws in AT&T’s voicemail service for its mobile users and in Google’s account-recovery service for its Gmail users. The attack — which aimed to get control over the site of one of CloudFlare’s customers — failed, but only because the company moved quickly when it discovered the incident... 'We will see more of these types of attacks, because a lot of interesting data is being hosted on [these] sites,' Kirda said. Google’s latest approach to two-factor authentication is a good hybrid method, he said. Using a recognized device and a password, a user logs in and authorizes applications on other devices. By providing a different password for each application-device combination, the service provides stronger, yet usable, security... (Pg.6) Cloud infrastructure is not just about data, however. The ability to stand up virtualized computers, if successfully exploited by attackers
, can be used to quickly create botnets
. Just as large collections of data in the cloud become a siren call to attackers, the ability to create vast computing resources will continue to convince cybercriminals to look for ways to co-opt the infrastructure to their own ends, said Yousef Khalidi, distinguished engineer with Microsoft’s Windows Azure group. “If I’m a bad guy, and I have a zero-day exploit and the cloud provider is not up on their toes in terms of patching
, the ability to exploit such a big capacity means I can do all sorts of things,” Khalidi said. The most obvious exploit that could lead to the creation of malicious compute clouds is simple credit-card fraud. Most cybercriminals have access to thousands, if not millions, of stolen credit card numbers. Using the stolen accounts to buy cloud computing resources can be a quick way for attackers to create dangerous clusters of virtual systems..."