Attacks in Public Clouds: Can They Hinder the Rise of the Cloud?

Abstract

Since the advent of Cloud Computing, security has been one of the main barriers to the adoption of the Cloud paradigm, especially by large organizations dealing with customers’ sensitive information. The rapid growth of the Cloud has made it a desirable attack target for both external attackers and malicious insiders. Many of the security attacks that occur in non-Cloud environments can occur in the Cloud as well, but some of those may be exacerbated, and some may remain unaffected in the new Cloud paradigm. There are also new threats that have arisen, and Cloud users now face Cloud-specific attacks that did not exist or rarely occurred in traditional environments. In this chapter, we discuss attacks that are exacerbated by exploitation of the multi-tenancy attribute in public Clouds that occur because of the virtualization technology or are due to the pay-as-you-go model in the Cloud. We discuss some of the most common threats and attacks with respect to the Cloud attribute exploitations which are capable of exacerbating attacks by causing more potential consequences, or making detection and prevention mechanisms more challenging. We also assess the attacks to find out how they may affect confidentiality, integrity, and availability of data and services for Cloud users. Being aware of the threats to the Cloud may help organizations and individuals have a more informed switch to the Cloud from their non-Cloud environments. This will also keep up the rise of the Cloud.