Cloud Threats and Attacks

00:00

Hey, everyone, welcome back to the course in this video. We're just gonna talk through some different types of cloud threats. We'll also talk about some of the different types of cloud attacks that are available.

00:09

So what are some of those cloud threats? Well, could be things like management interface failure could be virtual machine level attacks could be insider threats. So we've got a malicious in the insiders.

00:20

Aziz, we had seen with a believe was Capital One, uh, data breach where that malicious insider kept access to some of the S three buckets and was able to get some data and then posted out there on the web. Um, it was a she if I recall, and she wasn't a very sophisticated attacker. From what I could read in that particular instance,

00:40

things like week are weak. Authentication, right?

00:43

Could be compliance issues or risk It could be things like service formation or service failure. In the cloud

00:50

loss of encryption keys could be another one. So we're not protecting our encryption keys for AWS, for example, or we just lose them. We download the file and now we can't find it anywhere. It's been lost

01:03

and licensing risk, right? Do we know that we've got We've purchased enough licenses for what we're trying to do in our cloud environment.

01:10

Things like privilege escalation as well, Right? Data deletion is another one. Uh, security, Miss Configurations. That's a big one.

01:18

And we see that a lot with, uh, like has three buckets, right?

01:23

Compliance issues. As I mentioned,

01:25

Multi Tennessee. Do we know what the other people on the cloud environment are doing? For example, let's say that we're

01:30

using a public cloud environment. Do we know that the other people on that same server or not sharing like child *** images? Right, Because we may have some type of liability, we have to We have to know that depending on our jurisdiction. So we need to understand

01:44

what types of measures is a cloud provider taking

01:47

to help mitigate those types of threats where when we're using things like a public cloud. So we've got many different types of cloud attacks. Some of them are are ones that we've seen a lot. A lot of different areas, right? Things like social engineering attacks, fishing in particular to try to get your log in credentials could be over the phone, which is fishing.

02:04

It could be via text. Message gets you to click on a malicious link. By the way, if you ever send me a text message, I'll never click on a link in a text. Eso just f y I on that. But a lot of people will write, and there's been a lot of attacks going around where

02:17

you'll get an attack. Early morning hours of your local time zone E. I think in the hopes that you'll just click on the link, but it's usually some kind of random text and just says, like, Click on this link to get the 10% of coupon or whatever, right? It's just a really totally random looking link, and you know it's not legit, right? But if you're really sleepy, you may not notice and click on it.

02:37

And also we can do it via social media as well.

02:39

A sequel injection attacks. So just using, you know, this is a simple example, right? Just using the or one equals one or the apostrophe there, and it basically will say, Well, one is one right, and it allows you to do the attack.

02:52

This could be in band, sequel injection or out of Band

02:55

and also blind Attacks. And we talked about in this course we already talked about sequel injection attacks are distributed. Denial of service attacks, right or Adidas and denial of service attacks again volumetric type of attack. Typically, they might use fragmentation to try to get past ideas, systems that may detect this

03:13

usually against the application and, you know, things like a syn flood.

03:16

Now this affects availability of the information right

03:22

sniffing attacks. So using things like wire shark, TCP dump to try to harvest credentials for the cloud or harvest data using things like snort or enter capas. Well, man, in the middle of attacks where we're just popping ourselves in front of that connection or in between that connection between the user and that web application. All right, so in this video, we talked about

03:39

cloud threats. We talked about some of the different threats that are out there. We also talked about some of the common