- CXO Track
- For You
- Horror Stories from Hacker World
- Resume Clinic
- Rushikesh Vishwakarma & Ashwin Vamshi
Rushikesh Vishwakarma & Ashwin Vamshi
Cloud As an Attack vector
The usage of cloud has grown exponentially. Cloud offers a great deal of flexibility, reliability, accessibility, and uptime to the services running on it. Enterprises now use Cloud for storing critical data, confidential data and collaborating data with shared users. The adoption of the cloud has also given full scope for cybercriminals, malware authors, and threat actors to launch attacks and stay under the radar. The recent Cloud report released by Netskope mentions that in an enterprise, an average of one thousand or more cloud services are in use, which includes both sanctioned (IT approved) and unsanctioned apps (shadow IT apps). Gartner's security predictions say that by 2020, more than a third of successful attacks experienced by enterprises will be in their shadow IT resources. Accordingly, we see a surge in malware using Cloud services. The usage of the Cloud is not only limited to an attack delivery surface, but also as an infrastructure hosting surface where threat actors can host Command and Control (C&C ) servers inferring Cloud as a potential attack vector.
Rushikesh Vishwakarma is a Security Researcher at Netskope. He has an interest in targeted attacks and malware using cloud services, different campaigns and threat actors that use ‘cloud as an attack vector’.
Ashwin is a Security Researcher at Netskope. His research has been quoted in Forbes and also in several Infosec magazines and online portals. Ashwin primarily focusses in identifying malware, campaigns and threat actors that use 'Cloud as an attack vector'.