• Goa'20
  • Speakers
  • Rushikesh Vishwakarma & Ashwin Vamshi

Rushikesh Vishwakarma & Ashwin Vamshi

Rushikesh Vishwakarma & Ashwin Vamshi

Talk Title:

Cloud As an Attack vector

Abstract:

The usage of cloud has grown exponentially. Cloud offers a great deal of flexibility, reliability, accessibility, and uptime to the services running on it. Enterprises now use Cloud for storing critical data, confidential data and collaborating data with shared users. The adoption of the cloud has also given full scope for cybercriminals, malware authors, and threat actors to launch attacks and stay under the radar. The recent Cloud report released by Netskope mentions that in an enterprise, an average of one thousand or more cloud services are in use, which includes both sanctioned (IT approved) and unsanctioned apps (shadow IT apps). Gartner's security predictions say that by 2020, more than a third of successful attacks experienced by enterprises will be in their shadow IT resources. Accordingly, we see a surge in malware using Cloud services. The usage of the Cloud is not only limited to an attack delivery surface, but also as an infrastructure hosting surface where threat actors can host Command and Control (C&C ) servers inferring Cloud as a potential attack vector.

Bios:

Rushikesh Vishwakarma

Rushikesh Vishwakarma is a Security Researcher at Netskope. He has an interest in targeted attacks and malware using cloud services, different campaigns and threat actors that use ‘cloud as an attack vector’.

Ashwin Vamshi

Ashwin is a Security Researcher at Netskope. His research has been quoted in Forbes and also in several Infosec magazines and online portals. Ashwin primarily focusses in identifying malware, campaigns and threat actors that use 'Cloud as an attack vector'.

Copyright © 2019-20 | Nullcon India | International Security Conference | All Rights Reserved