Attackers are abusing the characteristics of cloud services to launch and hide their activity as they traverse target networks.
A new body of evidence indicates threat actors are using increasingly advanced techniques to target cloud providers and leveraging cloud-specific traits to hide their activity as they breach and persist in target networks.
Data comes from the Threat Stack security team, which spotted the pattern over multiple years of observing behavior on client networks. It was in 2016 when they noticed attacks leveraging Amazon Web Services (AWS) were becoming more sophisticated, says CSO Sam Bisbee. The trend picked up in 2017.