Hackers are increasingly reaping the benefits of the cloud

Cyber criminals bring the cloud to the dark web, making it easier to move stolen data

Person types on laptop in the dark

Security researchers have discovered that hackers are storing terabytes of internal business data and logins for popular providers including Amazon, Google, Twitter, Facebook and PayPal on underground cloud services.

According to a new Trend Micro report, the hackers sell the data on the dark web and deliver the data via access to the cloud logs. Robert McArdle, director of forward-looking threat research for Trend Micro, said in a blog post said this resulted in more stolen accounts being monetized and cut the weeks it usually takes for data to go from stolen to being used against an enterprise to just days or hours.

In a sample dataset of 1,000 logs, researchers identified a total of 67,712 URLs for compromised accounts. Threat actors can purchase access to these so-called “Cloud of Logs,” which can include thousands or millions of emails and passwords, for $350-$1000 per month.

Once a threat actor purchases access to the cloud-based logs of stolen data, they can use the information for secondary infection. For example, remote desktop protocol (RDP) credentials, which are included in these logs, are popular entry points for criminals targeting enterprises with ransomware

Researchers added that storing terabytes of data in the cloud has a similar appeal for criminal businesses as it does for legitimate organizations. Cloud storage offers scalability and speed that provides more computing power and bandwidth to optimize operations. 

According to the report, cyber criminals can streamline and accelerate attacks and potentially expand their number of targets. The result is optimized cybercrime by ensuring threat actors who specialize in specific areas - say cryptocurrency theft or e-commerce fraud - can access the data they need quickly, easily and relatively cheaply.

Related Resource

A guide to becoming cloud-native smart and secure

The transcendence of cloud-native application development

Download now

McArdle, added that criminal businesses would need data-mining specialists to reap the greatest possible return on each terabyte of stolen data. 

“This role in the cybercriminal organization won’t be stealing credentials or monetizing them, but rather this person will sit in the middle of the organization separating the cuts of meat, if you will,” McArdle said. “An ideal candidate in this new cloud-driven business model will leverage machine learning to efficiently identify and bundle every data type that will be attractive to different buyers.”

What can your business do to combat this new, more advanced hacker? According to McArdle, hackers shifting to the cloud doesn’t change the basics of cyber security, but businesses must better prepare themselves to respond more quickly to combat these more agile hackers. 

McArdle also recommends continued employee education about the importance of cyber security, including creating safe passwords and not falling victim to phishing attacks.  

Featured Resources

How to scale your organisation in the cloud

How to overcome common scaling challenges and choose the right scalable cloud service

Download now

The people factor: A critical ingredient for intelligent communications

How to improve communication within your business

Download now

Future of video conferencing

Optimising video conferencing features to achieve business goals

Download now

Improving cyber security for remote working

13 recommendations for security from any location

Download now

Recommended

Monero miners target cloud-native development environments
cryptocurrencies

Monero miners target cloud-native development environments

5 Mar 2021
IT security awareness and training firm KnowBe4 acquires MediaPRO
Acquisition

IT security awareness and training firm KnowBe4 acquires MediaPRO

3 Mar 2021
High-risk email security threats increased by 32% last year
phishing

High-risk email security threats increased by 32% last year

3 Mar 2021
The top 12 password-cracking techniques used by hackers
Security

The top 12 password-cracking techniques used by hackers

3 Mar 2021

Most Popular

Star Alliance passenger data stolen in SITA data breach
data breaches

Star Alliance passenger data stolen in SITA data breach

5 Mar 2021
I went shopping at Amazon’s till-less supermarket so that you don’t have to
automation

I went shopping at Amazon’s till-less supermarket so that you don’t have to

5 Mar 2021
How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

26 Feb 2021