The Notorious Nine: Cloud Computing threats for 2014

The Notorious Nine

Cloud Computing threats for 2014

Last week, Rich Mogull, one of Securosis cloud security top researchers, made an honest mistake and forgot his AWS access keys on a configuration file in Github.com; It took less the 36 hours for hackers to find them and use them.

After realizing what happened, Rich logged in his AWS account expecting to find what we have already gotten used to see in hijacked AWS account: lost data, deleted instances and servers transformed  to SPAM/DDOS/BOT robots.

Last week it was different. After reviewing all regions, Rich finally find out what the hackers were out to get. 10 Extra-large instances were discover, and the hackers did not used them for launching an attack on someone else, but all 10 servers were quietly working on mining Bitcoins in favor of the attackers, on Rich expanse.

Cloud Computing security is not better or worse the traditional security, it is just different. Likelihood of some risks goes up, and others go down. And the threat map is changing often, as we can learn from Rich Story above. New threats are developed rapidly and so are the defense tactics – Rich found out that his access keys were exposed from an AWS security team alert e-mail, apparently AWS are monitoring Github for mistakes like that – and this is great example of pro-active security.

Organizations moving to the cloud must understand the risks and manage their controls accordingly.  
In the presentation we will review the "notorious nine" Cloud computing threats as published by the Cloud Security Alliance. For each risk we will provide recent examples, discuss his relevance and review the efforts done by Cloud providers to minimize that risk.

                      Moshe Ferber, Cloud Security Expert


Join or login to comment.

  • Avner A.

    Here is the link for the presentation:
    http://files.meetup.com/1724101...­

    January 30

  • Matan S.

    Is a slide-deck of it available?

    January 29

  • Nissan

    Very interesting presentation

    January 28

  • Alon F.

    hi, please note on the presentation post.

    January 28

  • Karen A.

    Excellent lecturer! Knows his stuff! Thanks!

    January 28

  • Avner A.

    בסביבות חמש ורבע

    January 28

  • Karen A.

    הי 5 מתחיל המינגלינג, אני מניחה - אבל מתי מתחילה ההרצאה בבקשה? תודה.

    January 28

  • Steven L.

    Looks quite interesting. Will talk be in English or Hebrew?

    January 16, 2014

    • Moshe F.

      Hi Steven, it will be in Hebrew.

      January 20, 2014

  • Shlomi F.

    LOL, don't forget your keys on the table!

    January 15, 2014

    • Shlomi F.

      I mean AWS keys of course :)

      1 · January 15, 2014

    • A former member
      A former member

      בלינוקס זה לא הי... אה אוופס.

      2 · January 15, 2014

Our Sponsors

People in this
Meetup are also in:

Create a Meetup Group and meet new people

Get started Learn more
Allison

Meetup has allowed me to meet people I wouldn't have met naturally - they're totally different than me.

Allison, started Women's Adventure Travel

Start your Meetup today

Act now and get 50% off.
Until February 1.

Sign up

Meetup members, Log in

By clicking "Sign up" or "Sign up using Facebook", you confirm that you accept our Terms of Service & Privacy Policy