ANALYSIS OF THE USE OF CLOUD SERVICES FOR FISHING ATTACKS
DOI:
https://doi.org/10.28925/2663-4023.2020.9.5968Keywords:
social engineering; phishing; cloud services; cloud computingAbstract
Phishing, as a type of information attack, has been used by intruders for selfish purposes for quite some time. They are very popular in the criminal world because it is much easier for a person to make certain profitable actions than a program. With the advent of new technologies, this type of attack has gradually adapted to the new conditions of engagement with its victim. Cloud services have become a great modern and widespread tool for phishing campaigns. The use of such services has given to malicious actors a number of significant advantages over the use of their own computing resources. The relative cheapness and ease of exploitation of these technologies has played an important role. The problem of information security with using cloud technologies is that this type of attack is difficult to detect, even more to prevent, without significantly affecting the comfort of using end users of information systems. The article analyzes the relevance of this type of attacks based on real data. We considered the algorithm of their work during a life cycle and analyzes the use of the basic available security methods of protection, their feasibility and problems of use. The analysis showed that not all modern security methods are capable of detecting and preventing phishing attacks, which use public cloud services. Even a combination of several or all methods cannot guarantee high protection for users against phishing threats. In the article were mentioned some examples of phishing campaigns that took place during 2019 and used such popular public cloud services as Azure Blob storage created by Microsoft and Google Drive developed by Google. A basic list of tips was also provided that would increase the level of security for internet users in order to reduce the risk of potential data compromise or its consequences.
Downloads
References
Oleksandr Milov, Alexander Voitko, Iryna Husarova, Oleg Domaskin, Yevheniia Ivanchenko, Ihor Ivanchenko, Olha Korol, Hryhorii Kots, Ivan Opirskyy, Oleksii Fraze-Frazenko. Development of methodology for modeling the interaction of antagonistic agents in cybersecurity systems, Eastern-european journal of enterprise technologies. Information and controlling system. – Vol 2, No 9(98), pp.56-66, (2019). DOI: https://doi.org/10.15587/1729-4061.2019.164730.
Dudykevych V.B. Provision of information security of the state: a textbook / V.B. Dudykevych, I.R. Opirskyy, P.I. Garanyuk, V.S. Zachepilo, A.I. Partyka. - Lviv: Publisher of Lviv Polytechnic National University, 2017. - 204 p. (IBSN 978-966-941-091-7).
Info.phishlabs.com, 2019. [Online]. Available: https://info.phishlabs.com/hubfs/2019%20PTI%20Report/2019%20Phishing%20Trends%20and%20Intelligence%20Report.pdf.
H. Journal, "65% of U.S. Organizations Experienced a Successful Phishing Attack in 2019", HIPAA Journal, 2019. [Online]. Available: https://www.hipaajournal.com/65-of-u-s-organizations-experienced-a-successful-phishing-attack-in-2019/.
J. Singh, "Comprehensive Solution to Mitigate the Cyber-attacks in Cloud Computing", International Journal of Cyber-Security and Digital Forensics, vol. 3, no. 2, pp. 84-92, 2014. Available: 10.17781/p001294.
B. Gupta, N. Arachchilage and K. Psannis, "Defending against phishing attacks: taxonomy of methods, current issues and future directions", Telecommunication Systems, vol. 67, no. 2, pp. 247-267, 2017. Available: 10.1007/s11235-017-0334-z.
"Software as a service", En.wikipedia.org. [Online]. Available: https://en.wikipedia.org/wiki/Software_as_a_service.
"About Blob (object) storage - Azure Storage", Docs.microsoft.com. [Online]. Available: https://docs.microsoft.com/uk-ua/azure/storage/blobs/storage-blobs-overview.
"Static website hosting in Azure Storage", Docs.microsoft.com. [Online]. Available: https://docs.microsoft.com/uk-ua/azure/storage/blobs/storage-blob-static-website.
S. Gatlan, "Phishing Campaign Uses Google Drive to Bypass Email Gateways", BleepingComputer, 2019. [Online]. Available: https://www.bleepingcomputer.com/news/security/phishing-campaign-uses-google-drive-to-bypass-email-gateways/.
"Email authentication", En.wikipedia.org. [Online]. Available: https://en.wikipedia.org/wiki/Email_authentication.
"Email spoofing", En.wikipedia.org. [Online]. Available: https://en.wikipedia.org/wiki/Email_spoofing.
"How Office 365 ATP Safe Links works - Office 365", Docs.microsoft.com. [Online]. Available: https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/how-atp-safe-links-works?view=o365-worldwide.
"How Office 365 ATP Safe Attachments works - Office 365", Docs.microsoft.com. [ Online]. Available: https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/how-atp-safe-attachments-works?view=o365-worldwide.
"Google Safe Browsing", Safebrowsing.google.com. [Online]. Available: https://safebrowsing.google.com/.
"Security/Safe Browsing - MozillaWiki", Wiki.mozilla.org. [Online]. Available: https://wiki.mozilla.org/Security/Safe_Browsing.