{"id":2241,"date":"2018-07-01T14:08:33","date_gmt":"2018-07-01T18:08:33","guid":{"rendered":"https:\/\/solutionsreview.com\/cloud-platforms\/?p=2241"},"modified":"2018-07-16T15:09:04","modified_gmt":"2018-07-16T19:09:04","slug":"cloud-crypto-attacks","status":"publish","type":"post","link":"https:\/\/solutionsreview.com\/cloud-platforms\/cloud-crypto-attacks\/","title":{"rendered":"How to Keep Your Cloud Safe From Cypto Attacks"},"content":{"rendered":"

\"Cloud
\nTesla is one of the biggest names in the auto industry today. That didn\u2019t stop them from misusing their cloud platform, though. Tesla didn\u2019t believe having a password on their Kubernetes administration console was necessary, for some reason. Through this, crypto miners were able to infiltrate their AWS account to mine cryptocurrency using the cloud\u2019s computing power. These cloud crypto attacks are generally known as “cryptojacking.” Cloud security is essential to maintaining the safety of your enterprise’s information, and obviously, that starts with having a password. If cryptojacking is a notable concern, talk to your managed service provider or managed security provider to find out what they can do to help.<\/p>\n

If this attack was so simple to execute on a multi-billion-dollar tech company, then it could be just as easy on a smaller enterprise. RedLock, a security company, recently found<\/a> that hundreds of Kubernetes administration consoles were accessible over the internet without any password protection. These cryptojackers, as RedLock calls them, will go to any length to obtain cryptocurrency. So, what can you do to stay secure from this threat?<\/p>\n

\t\t\t

\"Download<\/a><\/p>\n<\/div>\n\t\t<\/div><\/div><\/p>\n

Knowing the enemy<\/strong><\/h5>\n

The benefits of using the cloud are seemingly endless. It’s more versatile, easier to manage, faster to use, teams can work anywhere, etc. Crypto miners recognize these same benefits. Utilizing the cloud to crypto mine is incredibly efficient. It\u2019s theoretically a lot easier than creating an intricate setup of expensive GPUs<\/a>, but investing in a cloud platform isn’t always viable.<\/p>\n

There are dedicated cloud crypto mining services available online, but these often don\u2019t have enough power or are too expensive for a dedicated crypto miner. If you could create cryptocurrency by simply infiltrating a major corporation like Telsa\u2019s cloud, wouldn\u2019t you? Hackers will go to any extent to get what they need. Ignoring cloud security in favor of a faster release schedule is never worth it.<\/p>\n

How the attack happened<\/strong><\/h5>\n

The cryptojackers went to extreme lengths to hide their attacks. These hacking professionals know what to do and know how to go unnoticed, especially when the security measures are lacking. RedLock detailed how they performed their attack:<\/p>\n