On average it takes between 6 to 10 hours for online adversaries to target a cloud hosted server. This is without even publishing the cloud host IP address. The intrusions are organized in separate layers to make them more efficient and economical. The questions are who these attackers are and how these attacks are orchestrated?

To answer these questions, we have deployed a number of custom made honeypots across major cloud providers for the past year. During this period we have discovered a number tactics used by attackers that are constantly targeting onlines businesses. We have applied advance network theory techniques to profile adversaries that resulted in uncovering secret connections among most online attackers. In this paper, I will go through some of these findings which are both interesting and informational for people in IT security community. I will also give away a few tips to protect and harden cloud hosted servers.

Pedram Hayati is Director at Security Dimension with over a decade of industry and academic experiences in technical IT security space. Pedram has a PhD in Computer Science and has a number of international publications, presented at well-known industry and academic conferences. Moreover, his research studies on botnets and Cloud security have been featured in international media.

Comments are closed.