Information Security News mailing list archives
Boffins find that over nine out of ten 'ethical' hackers are being a bit naughty when it comes to cloud services
From: InfoSec News <alerts () infosecnews org>
Date: Wed, 17 Jun 2020 08:31:20 +0000 (UTC)
https://www.theregister.com/2020/06/17/cloud_services_hacking/ By Thomas Claburn in San Francisco The Register 17 June 2020Infosec pros and hackers regularly abuse cloud service providers to conduct reconnaissance and attacks, despite efforts by cloud providers to limit such activity.
In a recent research paper titled "Cloud as an Attack Platform" [PDF], five boffins from Texas Tech University – Moitrayee Chatterjee, Prerit Datta, Faranak Abri, Akbar Siami-Namin, and Keith Jones – describe a series of interviews they conducted with computer security pros attending the Black Hat and DEF CON conferences.
Of the 75 security professionals and hackers they spoke with as a part of a larger examination of attacker psychology, more than 93 per cent admitted to abusing cloud services to create attack environments and launch attacks.
"We observed that these professional hackers often employ common strategies to abuse the cloud platform for its resource-efficient features in order to remain stealthy and silent while probing target machines, collecting victim data, discovering vulnerabilities, and launching attacks," the paper explains.
[...]
-- Subscribe to InfoSec News https://www.infosecnews.org/subscribe-to-infosec-news/ https://twitter.com/infosecnews_
Current thread:
- Boffins find that over nine out of ten 'ethical' hackers are being a bit naughty when it comes to cloud services InfoSec News (Jun 17)