Mike Hodges is a senior consultant for the Optiv Attack and Penetration Practice. He has a background in application development and is currently OSCP, Assoc CISSP, and CEH certified. He is currently interested in evasive penetration tactics and techniques and is constantly looking to build new ways to automate attacker evasion.
Hiding in the Clouds – Leveraging Cloud Infrastructure to Evade Detection
Organizational spending on cybersecurity is at an all-time high. From an attacker’s perspective, this means that target networks are becoming increasingly hostile environments to operate in. This has pushed attackers to look for new ways to diminish a defenders ability to identify their activity. The introduction of cloud providers and their associated content delivery networks have provided ample ways to attack and communicate with attack infrastructure while piggy-backing on the cloud provider’s infrastructure and reputation.
Techniques and tactics such as domain fronting for multiple cloud providers, distributed scanning, and leveraging API gateways will be discussed. Also, more nuanced aspects these cloud services will be explored as they sometimes provide many benefits to an attacker’s infrastructure, including encryption. Most importantly, mitigations for these techniques will provided so that defenders can go about better protecting their network.
Come see Mike at RVAsec! Register Now.