
Cloud Virology: Malware, Attacks, and Threats to the Cloud

The cloud has proven to be beneficial for both small and medium businesses and large enterprises. The technology has paved the way for more accessible data storage, which is capable of file backup and recovery.

Despite its advantages, the cloud also comes with drawbacks. Whether you’re planning to invest in cloud storage or you’re studying for a Network+ N10-007 exam, it is best to know the threats and issues surrounding the cloud.

DDoS Attacks

A distributed denial-of-service (DDoS) attack happens when traffic from multiple sources floods a target. Usually, a hacker controls the attack through a botnet and directs it at the cloud system, whatever their motivation.

When a cyber attack happens, an IT professional usually blocks an IP address. However, since DDoS comes from multiple sources, it can be difficult to block the address and distinguish legitimate user traffic from attack traffic.

Ransomware Attacks

Information is powerful, and hackers know this. Through ransomware attacks, hackers demand money or anything else they want in exchange for the victim’s data. Email attachments and infected applications, websites, and external storage devices are the usual sources of ransomware.

Ransomware attacks come in two types: file encryption and lock screen. In the first, the malware encrypts files so the data owner cannot access them. In the lock screen variant, the malware changes the login credentials of the computing device.

Once they have executed the attack, the hacker usually asks for ransom in the form of cryptocurrency to mask their identity. One of the most notorious ransomware attacks in history is the 2017 WannaCry attack. The hackers targeted computers using the Microsoft Windows operating system, encrypted files and asked for Bitcoin ransom.

Phishing Attacks


Internet users have become more security-conscious, and email platforms are flagging emails with suspicious attachments and text. Hackers have, therefore, refined their techniques to make their emails look trustworthy.

Once the cybercriminal obtains the victim’s login credentials via social engineering, they can easily access the victim’s cloud storage accounts. Phishing attacks aren’t only financially driven, however; they can also be a method of intelligence gathering. Public cloud services with only a thin layer of protection (e.g., one-factor authentication) are especially susceptible to phishing attacks.

In 2017, a mass of phishing attacks sent unsuspecting Gmail users to an actual Google web page. The worm, or the virus, infected not only the target but also the target’s contacts.

Advanced Persistent Threats

An advanced persistent threat (APT) is a prolonged cyber attack in which the hacker gains unauthorized access to the cloud and steals data. The attack lasts for extended periods and remains undetected by legitimate users.

Usually, the hackers monitor cloud and network activities of organizations with high-value information, such as companies dealing with intellectual property and government agencies. Instead of damaging the system, the hackers steal data.

To gain access to these large organizations, hackers use sophisticated social engineering techniques, such as highly focused spear phishing attacks. Once they have entered, they intend to stay for a long time and maintain access to the network. Usually, they also establish backdoors they can use to move around the entire network. The infiltrators perform code rewriting to cover their tracks. Data exfiltration, or the illegal transfer of a network’s information to another location, is the only sign that a network is under an APT attack.
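Because exfiltration is the sign described above, one way a defender can look for it is to compare each host's outbound volume against that host's own history. The following is an added example, not part of the original article; the flow records are constructed, and the host names, threshold `k` and `min_history` are assumptions.

```python
from collections import defaultdict
from statistics import median

# Constructed sample flow records: (day, internal_host, external_dest, bytes_out).
FLOWS = [
    (1, "ws-01", "203.0.113.10", 40_000_000),
    (2, "ws-01", "203.0.113.10", 42_000_000),
    (3, "ws-01", "203.0.113.10", 39_000_000),
    (4, "ws-01", "203.0.113.10", 41_000_000),
    (5, "ws-01", "203.0.113.10", 43_000_000),
    (1, "db-01", "198.51.100.7", 5_000_000),
    (2, "db-01", "198.51.100.7", 6_000_000),
    (3, "db-01", "198.51.100.7", 5_500_000),
    (4, "db-01", "198.51.100.7", 5_200_000),
    (5, "db-01", "198.51.100.7", 5_800_000),
    (5, "db-01", "192.0.2.55", 900_000_000),  # large transfer to an unseen destination
]

def find_exfil_candidates(flows, day, k=6.0, min_history=3):
    """Flag hosts whose outbound bytes on `day` sit far above their own baseline."""
    daily = defaultdict(lambda: defaultdict(int))  # host -> day -> total bytes out
    dests = defaultdict(lambda: defaultdict(set))  # host -> day -> destinations
    for d, host, dest, nbytes in flows:
        daily[host][d] += nbytes
        dests[host][d].add(dest)

    alerts = []
    for host, per_day in daily.items():
        history = [b for d, b in per_day.items() if d < day]
        if day not in per_day or len(history) < min_history:
            continue  # not enough history to call anything unusual
        base = median(history)
        # Median absolute deviation: robust to one noisy day in the baseline.
        mad = median(abs(b - base) for b in history) or 1
        score = (per_day[day] - base) / mad
        if score > k:
            seen = set().union(*(s for d, s in dests[host].items() if d < day))
            alerts.append({
                "host": host,
                "bytes": per_day[day],
                "score": round(score, 1),
                "new_destinations": sorted(dests[host][day] - seen),
            })
    return alerts

if __name__ == "__main__":
    for alert in find_exfil_candidates(FLOWS, day=5):
        print(alert)
```

A per-host baseline matters here because a long-running intruder keeps traffic low relative to the whole network; the comparison is against what that one machine normally sends.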

Cloud computing has gained popularity in recent years. Due largely to the move of the world towards digitalization, the reach of the cloud is expected to increase – and with it, the number of potential security threats.