Cloud computing is predicted to be the future technology. This paradigm is considered to be offering infinite resources and comprehensive security, due to the application of modern techniques and highly skilled personnel employed. Despite of highly skilled manpower is looking after the cloud; cybercriminals have managed to attack cloud. This work undertakes the study of threats that exist in cloud computing, the type of industries on target of cybercriminals. In addition, we have carried out the detailed study on the industries which are targeted and the method employed by the cybercriminals to target these industries. This work will be extremely helpful to researchers and enterprises to know the type of cyber attack occurring in this newly evolved paradigm and to evolve the new methods to counter them.
Cyber security, cloud attack, cybercrime, resource protection
Enterprises and individual users are outsourcing their services on the web, instead of maintaining the resources of their own. Outsourcing of technical resources enables the organization to concentrate on business need instead of technical aspect, which is looked after by the expert of the IT area. To facilitate such users, a web based paradigm known as cloud computing has emerged and offering the services on utility model [p3]. The major goal of Cloud computing is to reduce the operating cost, increase throughput, increase the reliability and availability [p10].
To cater the wide variety of users, cloud is offering three types of services. These services include Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS) ( Mell & Grance, 2011). In IaaS users are offered the computing capabilities such as processor, RAM, Storage etc. as Services [p13]. All these resources are provided on rent basis from the cloud instead of private services [p11]. The appealing feature of the IaaS is that the users do not need to change the infrastructure periodically, which gets outdated in every three years due to the Murphy’s Law. Users are also free from updating any patches that frequently need to be performed in operating system due to exploited vulnerabilities.
In PaaS, development environment is offered as a service. In case of SaaS, applications are offered as services. In SaaS environment application subscribed are available for use without any delay, whereas in legacy software user has to wait for months or sometimes in year to get the software to be available for use. Google docs, invoices, cloud ERP etc. are some of the prominent examples of SaaS based services. All the cloud services are offered via public, private and community deployment model. Once the cloud resources are under the control of cloud users it is known as private model (aka on-premises model), whereas if the cloud resources are under the control of cloud provider then it is known as public cloud( aka hosted model). In public model resources are accessed with...