Ask the Expert

Is Internet hijacking one of the main cloud computing threats?

Are traffic hijacking attacks a real concern with cloud computing? How can I tell if my cloud computing vendor is susceptible to this type of attack, a man-in-the-middle, for instance?

    Requires Free Membership to View

Although cloud computing can deliver huge benefits to organizations in terms of reduced capital costs and on-demand resources, it also presents hackers with a rich environment to attack, as huge amounts of data are concentrated in one place. The fact that this data is stored on resources that are shared across many different users amplifies the risks presented by certain kinds of vulnerabilities. However, Cloud Security Alliance research conducted earlier this year in conjunction with Hewlett-Packard didn't identify Internet traffic hijacking as one of the main cloud computing threats.

This is possibly because traffic hijacking is a threat to any type of Internet-based service, not specifically cloud computing. Two of the key protocols that make the Internet work, DNS and Border Gateway Protocol (BGP), can both be used to launch traffic hijacking attacks by using fundamental flaws in the protocols themselves. BGP, for example, which calculates the quickest, most efficient route for Internet traffic to travel in order to reach the destination IP address, can be subverted by abusing the trust relationship established by default between low-level Internet protocols.

When looking at a cloud service provider, I would approach the issue of its security by asking how it tackles some of the issues highlighted in the Top Threats to Cloud Computing report mentioned above. The key issues it can directly tackle are:

  • Insecure interfaces and APIs
  • Malicious insiders
  • Shared technology issues
  • Data loss or leakage

The potential for malicious insiders should be taken seriously. The incredible growth of cloud computing has to have led to short cuts by some providers when it comes to checking the credentials of new employees. A malicious or disgruntled employee could try to instigate a traffic hijacking attack or harvest data some other way. If unauthorized users gain access to your credentials, for example, they could monitor your activities and redirect your clients to other sites.

Protecting your account credentials highlights the importance of implementing your own security measures for computing in the cloud, as well as understanding your cloud provider's security policies -- measures such as segregation of duties, service level agreements and overall commitment to security. Much of the remediation advice for the top threats offered by the Cloud Security Alliance is steps you as the client need to take, such as banning the sharing of account credentials between users and services, and using strong two-factor authentication wherever possible for tasks such as administrative access and operations.

When it comes to cloud computing, the threat listed at No. 7 says it all for me: Unknown risk profile. At the end of the day, it's impossible to know for certain how closely your cloud provider follows its internal security procedures and who has access to your data. Yes, there's a shared responsibility with your cloud provider for security, but ultimately it's you who are responsible; that responsibility you can't outsource.

For more information:

This was first published in May 2010

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: