Dynamics of Cloud Storage Abuse and Exploitation - One More for the Road !

Presented at ToorCon San Diego 17 (2015), Oct. 24, 2015, 11 a.m. (50 minutes)

Google drive is heavily used for cloud storage purposes and adopted by millions of users for routine work. No doubt Google Drive has revolutionized the cloud computing technology by providing users with an ease of usability and portability for storing, managing and distributing documents over the cloud. However, with every technology, threat accompanies. Google drive functionalities have been exploited and abused by attackers to conduct targeted cyber attacks. A recent case shows that how attackers target tibetans with malicious Google drive files ( http://motherboard.vice.com/read/hackers-target-tibetans-with-malicious-google-drive-files ). In general, this problem is not specific to a region rather it’s a global issue. Google drive abuse and exploitation could have severe impact on the end-users as it highlights that cloud platforms are not immune against cyber-attacks. Elastica Cloud Threat Labs analyzes large chunks of data shared on Google drive on regular basis. In this talk, we cover real life case studies including demonstrations to highlight how attackers have abused Google drive for nefarious purposes such as conducting drive-by download attacks, advanced spear Phishing, malware distribution, DDoS and many others. We will also discuss how Google drive security protections can be bypassed. At last, we will discuss security solutions that we are developing at Elastica to protect users against cyber attacks to restrict the abuse of Google drive.

Presenters:

• Aditya K Sood
  Aditya K Sood (Ph.D) is a Security Architect - Threat Research and Intelligence for Elastica, Inc. Dr. Sood has research interests in malware automation and analysis, application security, secure software design and cybercrime. He has worked on a number of projects pertaining to penetration testing specializing in product/appliance security, networks, mobile and web applications while serving Fortune 500 clients for IOActive, KPMG and others. He has authored several papers for various magazines and journals including IEEE, Elsevier, CrossTalk, ISACA, Virus Bulletin, Usenix and others. His work has been featured in several media outlets including Associated Press, Fox News, The Register, Guardian, Business Insider, Kaspersky Threatpost, CBC and others. He has been an active speaker at industry conferences and presented at BlackHat, DEFCON, HackInTheBox, RSA, Virus Bulletin, OWASP and many others. Dr. Sood obtained his Phd from Michigan State University in Computer Sciences. Dr. Sood is also an author of “Targeted Cyber Attacks”​ book published by Syngress.

Similar Presentations:

• Black Hat USA 2010 / Drivesploit: Circumventing both automated AND manual drive-by-download detection
• DEF CON 12 (2004) / Google Hacking
• DEF CON 18 (2010) / Drivesploit: Circumventing Both Automated AND Manual Drive-By-Download Detection