the exploitation of misconfigurations in the cloud environment
weak authentication mechanisms
insufficient network segmentation
or poorly implemented access controls
cloud-based attack characteristics:
shared responsibility model
can lead to confusion about who is responsible for what
potentially leaving security gaps that attackers can exploit
side-channel attacks
attacker with an instance running on the same physical server as the victim attempts to extract information from the victim’s instance via shared resources
exploit misconfigurations and weak security controls
cryptojacking
an attacker uses the cloud’s processing power to mine cryptocurrency without the user’s consent
leading to
increased costs for the cloud user
degraded performance of their provisioned resources