For some companies, the nature of the cloud allows any person with a valid credit card to register and use cloud services. Spammers, malicious code authors and other criminals can use these platforms to launch denial-of-service attacks, host botnet command and control servers, perform password and key cracking and other malware and infect legitimate tenants in the cloud systems.
In addition, today's attackers can create massive distributed DoS attacks, even without having any zombies. All they have to do is buy or obtain access to a few servers and blow some service off for a few minutes.
This also allow criminals to build "Rainbow Tables", which are pre-computed hashes used for offline password cracking -- in addition to CAPCHA breaking and decryption that are often involved. Hackers can take advantage of such techniques to rapidly change locations and keep their business alive.
Some cloud services even provide trial versions that grant access for short periods of time, allowing criminals to be completely anonymous.
While the cloud is profoundly changing the way companies leverage technology for business, it's important to be aware of the opportunities it can create -- in both positive and negative respects. Sometimes you have to think like a criminal in order to prevent one from threatening your business.
Read more about cloud computing in Network World's Cloud Computing section.
This story, "Experts explain greatest threats to cloud security" was originally published by Network World.