When the cloud is used for evil

Cloud computing is certainly popular. A recent survey showed that 94% of organizations are using or planning to use cloud based applications, a majority of those on public clouds.

But legitimate businesses and organizations aren’t the only ones moving to the cloud. Security concerns have long left companies wondering if the cloud was a good idea, but a recent experiment shows exactly why cloud based computing is a great new market for hackers.

Building free botnets

Using malware to take over hordes of unsuspecting computers and create a botnet is not a new trick, but security researchers Rob Ragan and Oscar Salazar were able to build a malicious botnet by using the free trials and freemium accounts offered by online application-hosting services. The botnet was capable of launching coordinated attacks, cracking passwords, and mining hundreds of dollars worth of Litecoin cryptocurrency. Although these security researchers were not out to do any real damage, they predict that they aren’t the only hackers who have considered this alternative to creating malware and stealing processing power from PCs.

Cloud traffic could be malware

Along with botnets, malware is also hosted and controlled from the cloud. Cloud servers are not as suspicious as servers traditionally used by hackers, making the attacks harder to detect. When hackers host their command and control software on the cloud, network traffic between a hosted cloud and a business looks like regular traffic. Monitoring traffic closely from cloud services and recognizing increased traffic or traffic from a service you might not even use will help detect malicious activity.

Cloud computing is not new and it comes with security flaws. Law-abiding organizations aren’t the only one’s who have picked up on the cloud’s potential. As cloud computing increases and evolves, it’s a new way for businesses to store files and operate, and it’s also new territory for hackers to explore.