It is well established that with an increase in cloud resource availability, individuals and enterprises are empowered to create and host more content than ever. This talk highlights how attackers continue to abuse pre-existing cloud services by delivering malware, conducting phishing and extorting victims at every stage of the kill chain. The presenters will examine the role of the cloud in various recent attacks, how attackers are leveraging cloud infrastructure to conduct these attacks and identify various popular misused services. From team productivity apps for facilitating trade and collaboration to social media to organize command and control routines to unexpected document hosting, the underpinnings of modern malware operations are increasingly bright and efficient. This talk will attempt to narrow the areas of focus for students, researchers and professionals when understanding the breadth of cloud attacks. Participants will leave with outcomes of the findings of these services used by attackers that correlate to popular attacks or proof of concepts in which they were used, along with resources to learn more about cloud security.
Attendees Will Learn:- How attackers deliver malware, conduct phishing and extortion attacks, by leveraging pre-existing cloud services, and why they continue to abuse these services.
- How existing data can give insight into how attackers are leveraging cloud infrastructure to conduct these attacks and identify various popular misused services.
- The outcomes of the findings of these services used by attackers that correlate to popular attacks or proof of concepts in which they were used, along with resources to learn more about cloud security.