Feeds

back to article Number-munching clouds are godsend for cybercrooks - experts

Cloud computing providers came under fire today from security experts who blamed them for giving cyber-criminals the tools to launch attacks more easily, efficiently and anonymously than ever before. Speaking at the fourth InfoSecurity Summit in Hong Kong on Tuesday, SC Leung - a senior consultant at the city-state's Computer …

COMMENTS

This topic is closed for new posts.
Silver badge
Stop

Criminals are using the internet ?!

Pass a law against it, now!

3
0
Gold badge

Re: Criminals are using the internet ?!

And whilst you're at it, let's crack down on those wicked manufacturers who produce GPUs and FPGAs, and software vendors who provide the tools to use them.

0
0
Anonymous Coward

Time to think different

FFS, this is not news. I've worked on alternative approaches since 2005, and the upshot is that it's more fun as well. The primary problem is that too strict processes kill off the creativity - you as a target become predictable, aka a sitting duck that can be repeatedly shot at. Case in point: anti-virus. The absolute first thing that happens with a zero day is that it is tested on virustotal.com.

At present, most people in IT security are either researchers, or glorified administrators. No surprises there..

0
0
FAIL

Yes, think different...

As someone else said, think different... The traditional corporate mentality just doesn't work, you become slow and cumbersome while the hackers are not so constrained.

Also cloud isn't the problem, buying services from amazon is not what hackers do anyway because it leaves a paper trail... Instead they will hack boxes, and some of them happen to be hosted at cloud providers. Hackers have always compromised boxes and used them to launch further attacks, the only "cloud" connection is that providers like amazon are prominent and fashionable enough that lots of people with no server management experience want to try it out, so they leave insecure boxes on the internet waiting to be hacked.

3
0

Re: Yes, think different...

...and that is exactly the case.

No self-respecting hackers would buy a service leaving credit card number just so squeeze some CPU power.

I'd say buying en masse cheap hardware and building your own cluster is easier than renting services. Virtually any brute force alike algorithm is embarrassingly parallel, hence it can run on commodity hardware connected via standard LAN.

1
1
g e
Silver badge

Re: Yes, think different...

Ah but they don't have the bandwidth of a hacked box in an ISP/datacentre, which is likely why they don't.

0
1
Silver badge
WTF?

Re: Yes, think different...

Eh?

No self-respecting hackers would buy a service leaving credit card number just so squeeze some CPU power.

Cybercrooks, i.e. those stealing money via stolen credit card & bank details, would almost certainly use a credit card in their own name...Riiiggghhhhhtttt.

0
0

Re: Yes, think different...

Cybercrooks, i.e. those stealing money via stolen credit card & bank details, would almost certainly use a credit card in their own name..

Credit card blocked - service blocked, it's not a single time purchase. You need it running for extended period of time.

0
0
g e
Silver badge
Stop

Whining about other people causing the problem

Is not a substitute for addressing it.

Otherwise I could do my whole damned job powered solely by email and righteous indignation and charge 4x the rate.

1
1
Silver badge

speed vs. liability

the developers who work in industry aren't any slower that those that write exploits, its just that those in industry have to worry about whether the 'fix' will break anything. the virus writer doesn't have to care. this doesn't mean that they don't, simply that they don't have to.

0
0
This topic is closed for new posts.