Hackers are increasingly reaping the benefits of the cloud

Cyber criminals bring the cloud to the dark web, making it easier to move stolen data

Person types on laptop in the dark

Security researchers have discovered that hackers are storing terabytes of internal business data and logins for popular providers including Amazon, Google, Twitter, Facebook and PayPal on underground cloud services.

According to a new Trend Micro report, the hackers sell the data on the dark web and deliver the data via access to the cloud logs. Robert McArdle, director of forward-looking threat research for Trend Micro, said in a blog post said this resulted in more stolen accounts being monetized and cut the weeks it usually takes for data to go from stolen to being used against an enterprise to just days or hours.

In a sample dataset of 1,000 logs, researchers identified a total of 67,712 URLs for compromised accounts. Threat actors can purchase access to these so-called “Cloud of Logs,” which can include thousands or millions of emails and passwords, for $350-$1000 per month.

Once a threat actor purchases access to the cloud-based logs of stolen data, they can use the information for secondary infection. For example, remote desktop protocol (RDP) credentials, which are included in these logs, are popular entry points for criminals targeting enterprises with ransomware

Researchers added that storing terabytes of data in the cloud has a similar appeal for criminal businesses as it does for legitimate organizations. Cloud storage offers scalability and speed that provides more computing power and bandwidth to optimize operations. 

According to the report, cyber criminals can streamline and accelerate attacks and potentially expand their number of targets. The result is optimized cybercrime by ensuring threat actors who specialize in specific areas - say cryptocurrency theft or e-commerce fraud - can access the data they need quickly, easily and relatively cheaply.

Related Resource

A guide to becoming cloud-native smart and secure

The transcendence of cloud-native application development

Download now

McArdle, added that criminal businesses would need data-mining specialists to reap the greatest possible return on each terabyte of stolen data. 

“This role in the cybercriminal organization won’t be stealing credentials or monetizing them, but rather this person will sit in the middle of the organization separating the cuts of meat, if you will,” McArdle said. “An ideal candidate in this new cloud-driven business model will leverage machine learning to efficiently identify and bundle every data type that will be attractive to different buyers.”

What can your business do to combat this new, more advanced hacker? According to McArdle, hackers shifting to the cloud doesn’t change the basics of cyber security, but businesses must better prepare themselves to respond more quickly to combat these more agile hackers. 

McArdle also recommends continued employee education about the importance of cyber security, including creating safe passwords and not falling victim to phishing attacks.  

Featured Resources

Consumer choice and the payment experience

A software provider's guide to getting, growing, and keeping customers

Download now

Prevent fraud and phishing attacks with DMARC

How to use domain-based message authentication, reporting, and conformance for email security

Download now

Business in the new economy landscape

How we coped with 2020 and looking ahead to a brighter 2021

Download now

How to increase cyber resilience within your organisation

Cyber resilience for dummies

Download now

Recommended

Nigerian cyber criminals target Texas unemployment system
cyber security

Nigerian cyber criminals target Texas unemployment system

27 May 2021
Hackers use open source Microsoft dev platform to deliver trojans
Security

Hackers use open source Microsoft dev platform to deliver trojans

14 May 2021
Demystify Azure migration
Whitepaper

Demystify Azure migration

18 Jun 2021
NSA releases guidance on voice and video communications security
Voice over Internet Protocol (VoIP)

NSA releases guidance on voice and video communications security

18 Jun 2021

Most Popular

How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

16 Jun 2021
Q&A: Enabling transformation
Sponsored

Q&A: Enabling transformation

10 Jun 2021
Ten-year-old iOS 4 recreated as an iPhone app
iOS

Ten-year-old iOS 4 recreated as an iPhone app

10 Jun 2021