Treacherous 12 Part 10: Abuse of Cloud Services
Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or
Already have an account? Sign In »
Time
12 hours 57 minutes
Difficulty
Intermediate
CEU/CPE
13
Video Transcription
00:00
>> Treacherous 12, Number 10.
00:00
Abuse of cloud services.
00:00
Top of the risk of abusing cloud services,
00:00
the impact of when cloud services are abused,
00:00
and techniques and strategies to reduce
00:00
the risk of cloud service abuse.
00:00
Abuse of cloud services,
00:00
also, the nefarious use of cloud services.
00:00
This is when somehow you lose control,
00:00
either partially or a threat actor is able to create and
00:00
attribute fraudulent transactions to
00:00
pay for and use cloud services.
00:00
The impact is that it reduces availability because
00:00
when this person is able
00:00
to grant access and use your cloud services,
00:00
they aren't available to your organization.
00:00
Many hackers [inaudible] often
00:00
use exploits that abuse cloud services to
00:00
launch denial of services
00:00
attacks and distributed denial of
00:00
service attacks from the compromised cloud instances.
00:00
They also can launch phishing campaigns
00:00
from cloud services that they've compromised.
00:00
Now, how do you protect yourself against
00:00
abuse of cloud services from a malicious actor?
00:00
Well, first and foremost,
00:00
is appropriate logging and monitoring to ensure
00:00
that you see when new services are
00:00
being provisioned that you didn't account
00:00
for and then have
00:00
a robust instant response process to respond to that.
00:00
Another is fraud detection.
00:00
This is really by having
00:00
alerts with your cloud provider so that if
00:00
costs or services
00:00
that you didn't provision are incurred,
00:00
that you are alerted immediately
00:00
and are able to investigate.
00:00
Now, some of these instances
00:00
where abuse of cloud services have occurred,
00:00
they are fairly sophisticated attacks
00:00
that are used to compromise even cloud service providers.
00:00
However, individual organizations can best protect
00:00
themselves through the means that I have
00:00
discussed already; log in, monitoring,
00:00
appropriate instant response, fraud detection,
00:00
and really just making sure they
00:00
understand what's going on in their cloud environment.
00:00
Quiz question. Abuse to cloud services
00:00
is least likely to result in which of the following;
00:00
one, denial of service, two,
00:00
phishing attacks, three, data deletion.
00:00
I would say it's data deletion because ideally,
00:00
even if someone has access to
00:00
your cloud environment and
00:00
just provisioning certain services,
00:00
if you've appropriately protected your data
00:00
through encryption at rest,
00:00
it should be difficult for
00:00
the attacker to delete the data.
00:00
Usually, when people are comprising
00:00
or provisioning web services for their own use,
00:00
these attackers are using them to
00:00
launch denial of service and phishing
00:00
attacks from the cloud environment
00:00
and leaving you to foot the bill.
00:00
In summary, we talked about the threat
00:00
of abuse of cloud services,
00:00
we talked about the impact,
00:00
namely that malicious actors
00:00
can leverage your cloud services or
00:00
the cloud service provider to launch attacks and then
00:00
not pay the associated costs
00:00
of using these cloud services.
00:00
Then we talked about the methods that can
00:00
be used to reduce the risk,
00:00
which for an individual
00:00
company that's utilizing
00:00
cloud services through appropriate log
00:00
in and monitoring to detect
00:00
any deviations from your typical baseline
00:00
or expected costs that
00:00
associate with your cloud services.
00:00
I will see you in the next lesson.
Up Next
Instructed By
Similar Content
