Cloud-Based Fraud – How Serious Is The Problem?

Cloud-Based Fraud – How Serious Is The Problem?

Cloud-Based Fraud – How Serious Is The Problem?

Cloud services have brought untold benefits to both personal users and businesses around the world, but with its success has come a darker side – as the cloud unquestionably helps criminals commit fraud and other illegal activities.

Why does it Happen?

The cloud’s key benefits, such as rapid elasticity, on-demand provisioning, high availability and competitive pricing, are all equally as appealing to cybercriminals as to ordinary users.

Cloud-Based Fraud – How Serious is the Problem?

Cloud services are easy to purchase, can be reasonably anonymous, and can be controlled from anywhere in the world. Jeff Spivey, International Vice President of ISACA (an independent, non-profit, global association that engages in the development, adoption and use of globally accepted information systems knowledge and practices) says, “All of the advantages of the cloud for enterprises are [also] the advantages for the bad guys”. Adding “It’s the anonymity and scale that’s attractive to the fraudsters”.

How does it Happen?

There are many different routes open to a cybercriminal. From phishing schemes and money-transfer scams to identity theft and malware – each has its own dangers and requires its own prevention methods.

For a would-be criminal, the process is easy. Research suggests that stolen credit cards can be obtained on the black market for as little as one dollar. Once a criminal has a card it only takes a matter of minutes to sign up online and take control of their own server. The server will have been purchased using a stolen identity on a stolen card without physically talking to anyone from the service provider itself – it’s almost the perfect crime.

Raj Samani, Vice President and Chief Technology Officer of McAfee, also points out that despite the vast resources dedicated to protecting customer data by cloud providers, for a criminal it can still be easy to hack a legitimate customer account. “They use the VMs to use for their own fraudulent activities” says Raj. “Cybercriminals are now looking to Infrastructure as a Service to provide vast amounts of on-demand processing power to launch distributed-denial-of-service attacks”.

Banking Fraud in the Cloud

One of the most high profile fraud cases in recent years is that of ‘Operation High Roller’. An international criminal ring targeted wealthy people and commercial accounts across European banks, with McAfee estimating that anywhere between $75 million and $2.5 billion was stolen.

The entire fraud was conducted through the cloud. The combination of remote servers and the criminals’ intimate knowledge of banking transaction systems made it possible to automate the theft, rather than simply stealing user names and passwords and manually transferring money from a computer.

The fraud started with an email disguised to look like it came from the recipient’s bank. Clicking on a link in the message downloaded the malware that would later steal the information needed to perform fund transfers. Commenting on the attack, Dave Marcus, Director of Advanced Research and Threat Intelligence at McAfee, said “You can’t make a fraudulent transaction look like a valid transaction, if you don’t know what you’re doing, and these guys know what they’re doing”.

Detecting and Protecting

There is a fine line between balancing customer privacy concerns and preventing illegal activities. As result, cloud providers have spent huge sums on developing systems that monitor how customers use the service without monitoring the actual data. As soon as large scale fraud is detected the information is passed to the relevant authorities.

The difficultly for providers is not being over-zealous with their detection software. Customers who are regularly prevented from using the service the way they want because the provider wrongly assumes there is criminal activity will quickly get disenfranchised with the cloud and look to alternative methods of storage.

What do you think? Have you been a victim of cyber-fraud? Do you receive regular attempts to phish your details via email? Let us know in the comments below.

By Daniel Price

About Daniel Price

Daniel is a Manchester-born UK native who has abandoned cold and wet Northern Europe and currently lives on the Caribbean coast of Mexico. A former Financial Consultant, he now balances his time between writing articles for several industry-leading tech (CloudTweaks.com & MakeUseOf.com), sports, and travel sites and looking after his three dogs.

Find out more
View All Articles

Sorry, comments are closed for this post.

Your Biggest Data Security Threat Could Be….

Your Biggest Data Security Threat Could Be….

Paying Attention To Data Security Your biggest data security threat could be sitting next to you… Data security is a big concern for businesses. The repercussions of a data security breach ranges from embarrassment, to costly lawsuits and clean-up jobs – particularly when confidential client information is involved. But although more and more businesses are…

Knots And Cloud Service Providers

Knots And Cloud Service Providers

How Do These Two Compare? In Boy Scouts, I learned how to tie knots. The quickest knot you can tie is the slipknot. It’s very effective for connecting one thing to another via the rope you have. It was used in setting up tents, mooring boats to docks temporarily and lifting your food up into…

Driving Insight: Analytics And The Internet of Things

Driving Insight: Analytics And The Internet of Things

Analytics And The Internet of Things  For many businesses, the Internet of Things is playing an increasingly important role, influencing day-to-day operations and strategic planning. An ecosystem of growing complexity and sophistication, the IoT calls for careful navigation: advances in connectivity and cloud-based platforms have opened up a wider range of solutions to IT decision-makers…

You’ve Moved Your Data To The Cloud…What Now?

You’ve Moved Your Data To The Cloud…What Now?

Data To The Cloud…What Now? You’ve done the research. You’ve vetted multiple cloud solutions. You’ve chosen the right vendor. And you’ve migrated your data to the cloud. All done, right? Not so fast… While it has become a bit of a scary proposition for many organizations to put their trust in the cloud and start…

Drones: Unlimited Possibilities Await Us – Good And Bad

Drones: Unlimited Possibilities Await Us – Good And Bad

Drones: Unlimited Possibilities I have written two recent posts here on CloudTweaks about drones. The first, ‘The Pizza Delivery Drone’, was a somewhat comical look at what possibly is to come with future drones. The second was a look at the more immediately possible concept of a modular drone.  Modular drones are capable of supporting…

How Successful Businesses Ensure Quality Team Communication

How Successful Businesses Ensure Quality Team Communication

Quality Team Communication  (Sponsored post courtesy of Hubgets) Successful team communication and collaboration are as vital to project and overall business success as the quality of products and services an organization develops. We rely on a host of business tools to ensure appropriate customer interactions, sound product manufacturing, and smooth back-end operations. However, the interpersonal relationships…

Featured Sponsored Articles
How To Develop A Business Continuity Plan Using Internet Performance Management

How To Develop A Business Continuity Plan Using Internet Performance Management

Internet Performance Management Planning CDN Performance Series Provided By Dyn In our previous post, we laid out the problems of business continuity and Internet Performance Management in today’s online environment.  In this article, we will take a look at some of the ways you can use traffic steering capabilities to execute business continuity planning and…

Featured Sponsored Articles
Optimizing Digital Marketing Through Accessibility & Aesthetics

Optimizing Digital Marketing Through Accessibility & Aesthetics

Optimizing Digital Marketing In The Cloud Marketers are constantly looking for better ways to tantalize and engage customers, and there’s no space more competitive than the digital universe. Deliberating over pleasing layouts, effective calls to action, site responsiveness, and much more, digital marketers have more than enough to keep themselves busy without understanding the intricacies…

Featured Sponsored Articles

CloudTweaks is recognized as one of the leading influencers in cloud computing, infosec, big data and the internet of things (IoT) information. Our goal is to continue to build our growing information portal by providing the best in-depth articles, interviews, event listings, whitepapers, infographics and much more.

Sponsor