The Notorious Nine
Cloud Computing threats for 2014
Last week, Rich Mogull, one of Securosis' top cloud security researchers, made an honest mistake and left his AWS access keys in a configuration file on GitHub.com. It took less than 36 hours for hackers to find them and use them.
After realizing what had happened, Rich logged in to his AWS account expecting to find what we have grown used to seeing in hijacked AWS accounts: lost data, deleted instances, and servers turned into spam/DDoS/bot machines.
Last week it was different. After reviewing all regions, Rich finally found out what the hackers were after. 10 extra-large instances were discovered, and the hackers had not used them to launch an attack on someone else; instead, all 10 servers were quietly mining Bitcoin for the attackers, at Rich's expense.
Cloud computing security is not better or worse than traditional security; it is just different. The likelihood of some risks goes up, and that of others goes down. The threat map also changes often, as we can learn from Rich's story above. New threats develop rapidly, and so do the defense tactics: Rich found out that his access keys were exposed from an alert e-mail sent by the AWS security team. Apparently AWS monitors GitHub for mistakes like that, and this is a great example of proactive security.
Organizations moving to the cloud must understand the risks and manage their controls accordingly.
In the presentation we will review the "notorious nine" cloud computing threats as published by the Cloud Security Alliance. For each risk we will provide recent examples, discuss its relevance, and review the efforts made by cloud providers to minimize that risk.
Moshe Ferber, Cloud Security Expert