Man in the Cloud (MITC) Attacks

Started by deanwebb, September 15, 2015, 09:39:38 AM

deanwebb

 :zomgwtfbbq:

Yes, it's true.

https://www.imperva.com/docs/HII_Man_In_The_Cloud_Attacks.pdf

Big takeaway: Because MITC attacks are done through cloud sync protocols, perimeter and IPS won't catch them. Behavior analysis and intellectual property security have to be used to detect and respond to these bad boys.

:facepalm4:
Take a baseball bat and trash all the routers, shout out "IT'S A NETWORK PROBLEM NOW, SUCKERS!" and then peel out of the parking lot in your Ferrari.
"The world could perish if people only worked on things that were easy to handle." -- Vladimir Savchenko
Any questions? No questions! | BCEB: Belkin Certified Expert Baffler | "Plan B is Plan A with an element of panic." -- John Clarke
Accounting is architecture, remember that!
Air gaps are high-latency Internet connections.

wintermute000

what, no netskope hype to follow up? (but seriously, thanks, that is an interesting PDF).

deanwebb

It's another example of developers wanting to make something work as quickly and easily as possible without giving a thought to how crappy the security of the whole thing is.

:developers:

To be sure, making it more secure would also make it much harder to use... the most popular cloud storage service, therefore, would also be the one most easy to exploit.

wintermute000

CASB (Cloud Access Security Broker)
woohoo acronyms + yet another thing to learn + yet another hidden cost of doing business when you decide to put your servers somewhere else, oh I mean CLOUD lol

RHochstenbach

Those cloud services were designed for home users, allowing them to share their vacation photos. Those haven't been (publicly) audited for use in a business environment. As a security manager, I get scared when management comes up with the idea of using Dropbox or Google Drive to share sensitive files. Call me old-fashioned, but I still prefer local storage. An audited private cloud might be an alternative.

deanwebb

Even then, with weak mechanisms for security, a person on the inside could intercept flows from individuals that handle sensitive documents and evade normal security, even what would be a sophisticated intellectual property management system, as the copies he'd receive would be seen as legitimate traffic for him accessing a cloud share that he's supposedly got permission to access... we'd have to have local file monitoring, and I'm sure the client boys are just *dying* to have one more agent to install locally.

icecream-guy

5 years ago the current administration put forth a government cloud adoption plan. Surprisingly, the adoption has not been very good, but according to this article here

http://www.networkworld.com/article/2988229/cloud-computing/government-cloud-adoption-efforts-lag-as-security-concerns-persist.html

it's completely safe, even making it MORE secure than hosting services in house.
:professorcat:

My Moral Fibers have been cut.