Threats to the cloud – Part 1
Our last post reviewed the three major Cloud platforms:
- The Infrastructure as a Service (IaaS),
- The Platform as a Service (PaaS) and
- The Software as a Service (SaaS)
In this post, we examine some of the major security threats to a Cloud-based infrastructure.
Anonymous Attacker
The first type of threat agent is known as the “anonymous attacker.” This is a malicious third party without any specific Cloud resource-based permissions. This type of attacker exists as a software program and can launch specific attacks against virtual servers via the public network.
These types of attack entities have limited information or knowledge about the security defenses of the Internet Service Provider, so the best way they can get into a Cloud computing infrastructure is through hacking into and stealing user accounts.
Malicious Service Agent
The “malicious service agent” is the second type of threat agent. This type of entity typically exists within the Cloud computing infrastructure and has the capability to intercept and forward network traffic. Again, this type of threat agent usually exists as a software program.
Trusted Service Attacker
The third type of threat agent is specifically known as the “trusted service attacker.” As the name implies, the trusted attacker is already a consumer of a particular Cloud computing infrastructure, and therefore, has advanced knowledge (to some degree) of its inner workings.
This type of attacker usually launches attacks from within a Cloud computing infrastructure, often using their own login information and access credentials.
The main threat of a trusted attacker is that, given their knowledge of the Cloud computing infrastructure, they can attack just about every type and kind of virtual server from within the Cloud computing environment.
Malicious Insider
The fourth type of threat agent is known as the “malicious insider.” Typically, these are contracted employees or ex-employees whose login and access information for the particular Cloud computing infrastructure has not yet been deleted. In the short window of time before their access information is totally deleted, these types of attack entities can still log into their former Cloud computing infrastructures and cause harm and damage.
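The window between a departure and the removal of access can be measured by comparing an offboarding list with the Cloud account inventory and login log. The following is an added example, not part of the original post; every user name, address and timestamp in it is constructed sample data.

```python
from datetime import datetime, timezone

def ts(s):
    """Parse an ISO-8601 timestamp and treat it as UTC."""
    return datetime.fromisoformat(s).replace(tzinfo=timezone.utc)

# Constructed sample data (hypothetical users, documentation-range addresses).
NOW = ts("2024-03-15T17:00:00")
DEPARTURES = {  # user -> contract end, e.g. from an HR offboarding export
    "alice": ts("2024-03-01T17:00:00"),
    "bob": ts("2024-03-10T17:00:00"),
}
ACCOUNTS = [  # Cloud identity inventory
    {"user": "alice", "enabled": True, "disabled_at": None},
    {"user": "bob", "enabled": False, "disabled_at": ts("2024-03-12T09:00:00")},
    {"user": "carol", "enabled": True, "disabled_at": None},
]
LOGINS = [  # authentication log
    {"user": "alice", "time": ts("2024-03-05T02:14:00"), "src": "203.0.113.7"},
    {"user": "bob", "time": ts("2024-03-09T10:00:00"), "src": "198.51.100.4"},
    {"user": "bob", "time": ts("2024-03-11T23:40:00"), "src": "198.51.100.9"},
    {"user": "carol", "time": ts("2024-03-11T08:00:00"), "src": "192.0.2.15"},
]

def audit_offboarding(departures, accounts, logins, now):
    """Return (exposure window per departed user, logins made after departure)."""
    windows = {}
    for acct in accounts:
        left = departures.get(acct["user"])
        if left is None:
            continue  # user has not left; nothing to audit
        # An enabled account is exposed until now; a disabled one until disabled_at.
        closed = now if acct["enabled"] else (acct["disabled_at"] or now)
        hours = max(0.0, (closed - left).total_seconds() / 3600)
        windows[acct["user"]] = {"still_enabled": acct["enabled"],
                                 "exposure_hours": hours}
    late = [e for e in logins
            if e["user"] in departures and e["time"] > departures[e["user"]]]
    return windows, late

if __name__ == "__main__":
    windows, late = audit_offboarding(DEPARTURES, ACCOUNTS, LOGINS, NOW)
    for user, w in windows.items():
        state = "STILL ENABLED" if w["still_enabled"] else "disabled"
        print(f"{user}: {state}, exposed {w['exposure_hours']:.0f} h after departure")
    for e in late:
        print(f"post-departure login: {e['user']} from {e['src']} at {e['time']}")
```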
Traffic Eavesdropping
The fifth type of threat is known as “traffic eavesdropping.” This happens when the end user’s or small business owner’s information and data, while still being transferred to the Cloud computing infrastructure, is covertly intercepted by a third party for the illegal purposes of misusing and abusing that particular information and data.
The purpose of this kind of attack is to breach the relationship between the end user/small business owner and the Internet Service Provider. The traffic eavesdropping security threat often goes unnoticed for long periods of time.
In our next blog, we will finish up this series on Cloud threats and examine how you can protect your business from them.