Researchers Say the Cloud Could Aid in Large-Scale Cyber Attacks

Grazed from BetaBeat. Author: Steve Huff.

Researchers at North Carolina State University and the University of Oregon have discovered a way to turn cloud computing into hacker heaven. Disguising data transfers with URL-truncating services like TinyURL or Bit.ly, researchers found that cloud-based processing power intended to shift computing tasks from laptops, tablets and mobile devices could be converted to crack encoded passwords or used for a large scale denial-of-service attack.

WhiteHat Security’s Jeremiah Grossman told Dark Reading that cloud browser providers need to “ensure adequate security controls are in place to prevent their end users from abusing the system.”…

N.C. State researcher William Enck said one key is awareness: NC State’s Enck says there are ways for cloud-based browsing providers to better monitor their traffic — namely, by associating accounts with the users so they can detect possible abuse or rogue traffic. Just like blacklisting offending IP addresses in a DDoS attack, for example, he says, this would allow cloud browser providers to quash abuse. “It’s similar: You can say, ‘Here are the clients from where [the traffic] is coming from and the IP addresses.’”…

Read more from the source @ http://betabeat.com/2012/11/researchers-say-the-cloud-could-aid-in-large-scale-cyber-attacks/