Manage Learn to apply best practices and optimize your operations.

Is Internet hijacking one of the main cloud computing threats?

Does cloud computing lend itself particularly to Internet traffic hijacking, or are there other more serious cloud computing threats that infosec pros should address first? In this expert response, Michael Cobb discusses what threats to be on the lookout for when it comes to the cloud.

Are traffic hijacking attacks a real concern with cloud computing? How can I tell if my cloud computing vendor is susceptible to this type of attack, a man-in-the-middle, for instance?

Although cloud computing can deliver huge benefits to organizations in terms of reduced capital costs and on-demand resources, it also presents hackers with a rich environment to attack, as huge amounts of data are concentrated in one place. The fact that this data is stored on resources that are shared across many different users amplifies the risks presented by certain kinds of vulnerabilities. However, Cloud Security Alliance research conducted earlier this year in conjunction with Hewlett-Packard didn't identify Internet traffic hijacking as one of the main cloud computing threats.

This is possibly because traffic hijacking is a threat to any type of Internet-based service, not specifically cloud computing. Two of the key protocols that make the Internet work, DNS and Border Gateway Protocol (BGP), can both be used to launch traffic hijacking attacks by using fundamental flaws in the protocols themselves. BGP, for example, which calculates the quickest, most efficient route for Internet traffic to travel in order to reach the destination IP address, can be subverted by abusing the trust relationship established by default between low-level Internet protocols.

When looking at a cloud service provider, I would approach the issue of its security by asking how it tackles some of the issues highlighted in the Top Threats to Cloud Computing report mentioned above. The key issues it can directly tackle are:

  • Insecure interfaces and APIs
  • Malicious insiders
  • Shared technology issues
  • Data loss or leakage

The potential for malicious insiders should be taken seriously. The incredible growth of cloud computing has to have led to short cuts by some providers when it comes to checking the credentials of new employees. A malicious or disgruntled employee could try to instigate a traffic hijacking attack or harvest data some other way. If unauthorized users gain access to your credentials, for example, they could monitor your activities and redirect your clients to other sites.

Protecting your account credentials highlights the importance of implementing your own security measures for computing in the cloud, as well as understanding your cloud provider's security policies -- measures such as segregation of duties, service level agreements and overall commitment to security. Much of the remediation advice for the top threats offered by the Cloud Security Alliance is steps you as the client need to take, such as banning the sharing of account credentials between users and services, and using strong two-factor authentication wherever possible for tasks such as administrative access and operations.

When it comes to cloud computing, the threat listed at No. 7 says it all for me: Unknown risk profile. At the end of the day, it's impossible to know for certain how closely your cloud provider follows its internal security procedures and who has access to your data. Yes, there's a shared responsibility with your cloud provider for security, but ultimately it's you who are responsible; that responsibility you can't outsource.

For more information:

This was last published in May 2010

Dig Deeper on Web browser security

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.