• Latest
  • Trending
  • All
  • News
  • Business
  • Politics
  • Science
  • World
  • Lifestyle
  • Tech
Hackers Cryptojack Microsoft Azure ML Clusters

Denial-of-Wallet attacks: How to protect against costly exploits targeting serverless setups

January 14, 2021
Innovative solutions for IT workers at home

ZEDEDA Announces Integration with Microsoft Azure IoT to Seamlessly and Securely Orchestrate Distributed Edge Computing Workloads at Scale

February 24, 2021
A moment of reckoning: the need for a strong and global cybersecurity response

ZEDEDA integrates with Microsoft Azure IoT to provide full lifecycle management capabilities

February 24, 2021
Innovative solutions for IT workers at home

SolarWinds Attack: Proof That On-Premises Active Directory Still an Effective Initial Access Vector

February 23, 2021
A moment of reckoning: the need for a strong and global cybersecurity response

Microsoft Affirms Solorigate Attackers Saw Azure, Intune and Exchange Source Code

February 23, 2021
How to use Microsoft Sysmon, Azure Sentinel to log security events

OPS101 – Securing your Hybrid environment – Part 1 – Azure Security Center

February 22, 2021
A moment of reckoning: the need for a strong and global cybersecurity response

Microsoft Ending Azure Information Protection Connections to Microsoft Defender for Endpoint

February 22, 2021
8×8 makes raft of updates to platform

Indonesian Mobile Operator Selects NTT for Microsoft Security Project

February 22, 2021
Microsoft To Build New Azure Cloud Data Centers In Greece

NTT completes Microsoft security project for Indonesian mobile operator

February 19, 2021
A moment of reckoning: the need for a strong and global cybersecurity response

Data insights without limit, security without compromise

February 18, 2021
8×8 makes raft of updates to platform

What Is Object Storage?

February 17, 2021
Microsoft To Open Azure Cloud Data Center Region In Spain

EMC Corporation Townsend security Hewlett-Packard Enterprise Gemalto N.V. Microsoft Azure Google Thales e-security International Business Machines (IBM) Broadcom

February 17, 2021
A moment of reckoning: the need for a strong and global cybersecurity response

Azure Firewall Premium now in preview

February 17, 2021
  • About
  • Advertise
  • Privacy & Policy
  • Contact
Thursday, February 25, 2021
  • Login
Azure Security News
  • Home
    • Home – Layout 1
    • Home – Layout 2
    • Home – Layout 3
    • Home – Layout 4
    • Home – Layout 5
  • News
    • All
    • Business
    • Politics
    • Science
    • World
    Innovative solutions for IT workers at home

    ZEDEDA Announces Integration with Microsoft Azure IoT to Seamlessly and Securely Orchestrate Distributed Edge Computing Workloads at Scale

    A moment of reckoning: the need for a strong and global cybersecurity response

    ZEDEDA integrates with Microsoft Azure IoT to provide full lifecycle management capabilities

    Innovative solutions for IT workers at home

    SolarWinds Attack: Proof That On-Premises Active Directory Still an Effective Initial Access Vector

    A moment of reckoning: the need for a strong and global cybersecurity response

    Microsoft Affirms Solorigate Attackers Saw Azure, Intune and Exchange Source Code

    8×8 makes raft of updates to platform

    Indonesian Mobile Operator Selects NTT for Microsoft Security Project

    Microsoft To Build New Azure Cloud Data Centers In Greece

    NTT completes Microsoft security project for Indonesian mobile operator

    A moment of reckoning: the need for a strong and global cybersecurity response

    Data insights without limit, security without compromise

    8×8 makes raft of updates to platform

    What Is Object Storage?

    A moment of reckoning: the need for a strong and global cybersecurity response

    Azure Firewall Premium now in preview

    Microsoft’s CyberX Acquisition Boosts Security of Azure IoT Lineup

    Global Industrial Cybersecurity Market By Offering Type, By Security Type, By End User, By Region, Industry Analysis and Forecast, 2020 – 2026

    Trending Tags

    • Donald Trump
    • Future of News
    • Climate Change
    • Market Stories
    • Election Results
    • Flat Earth
  • Tech
    • All
    • Apps
    • Gear
    • Mobile
    • Startup
    How to use Microsoft Sysmon, Azure Sentinel to log security events

    OPS101 – Securing your Hybrid environment – Part 1 – Azure Security Center

    A moment of reckoning: the need for a strong and global cybersecurity response

    Microsoft Ending Azure Information Protection Connections to Microsoft Defender for Endpoint

    Microsoft To Open Azure Cloud Data Center Region In Spain

    EMC Corporation Townsend security Hewlett-Packard Enterprise Gemalto N.V. Microsoft Azure Google Thales e-security International Business Machines (IBM) Broadcom

    A moment of reckoning: the need for a strong and global cybersecurity response

    Azure Engineer at VillageMD

    Innovative solutions for IT workers at home

    How to Sync On-Premise Active Directory Passwords with Office 365 and Google Apps in Real-Time

    Microsoft Azure Forms Collaboration to Enhance AI in Healthcare

    Azure Defender is now available for all IoT and OT devices

    Telecom Provider Migrates Confidently to Microsoft Azure with Fortinet’s Dynamic Cloud Security Solutions

    Google and Microsoft ID Group Targeting Security Researchers

    Innovative solutions for IT workers at home

    Microsoft Releases Application Guard for Office, Plus Azure Security Center and Azure Defender for IoT Products

    Microsoft spins off security, compliance bits from Microsoft 365’s priciest plan for E3 customers

    Show your HR backups the back door

    How to use Microsoft Sysmon, Azure Sentinel to log security events

    The Hack Roundup: Biden Orders Intel Assessment of Suspected Russian Malfeasance

    Trending Tags

    • Flat Earth
    • Sillicon Valley
    • Mr. Robot
    • MotoGP 2017
    • Golden Globes
    • Future of News
  • Entertainment
    • All
    • Gaming
    • Movie
    • Music
    • Sports
    Microsoft Flight Simulator Continues to Look Stunning in New Snow Video

    Microsoft Flight Simulator Continues to Look Stunning in New Snow Video

    Meet the woman who’s making consumer boycotts great again

    New campaign wants you to raise funds for abuse victims by ditching the razor

    Twitter tweaks video again, adding view counts for some users

    A beginner’s guide to the legendary Tim Tam biscuit, now available in America

    People are handing out badges at Tube stations to tackle loneliness

    Trump’s H-1B Visa Bill spooks India’s IT companies

    Magical fish basically has the power to conjure its own Patronus

    This Filipino guy channels his inner Miss Universe by strutting in six-inch heels and speedos

    Oil spill off India’s southern coast leaves fisherman stranded, marine life impacted

  • Lifestyle
    • All
    • Fashion
    • Food
    • Health
    • Travel
    Microsoft Seriously Beefs Up Security in Windows Server 2019

    Microsoft Offers More ‘Solorigate’ Advice Using Microsoft 365 Defender Tools

    A moment of reckoning: the need for a strong and global cybersecurity response

    Solar Winds, Office 365 & Shipbuilding…

    Aruba ClearPass Policy Manager Integrates with Microsoft

    Imprivata Expands Collaboration with Microsoft on New Digital Identity Innovations

    Microsoft Seriously Beefs Up Security in Windows Server 2019

    Microsoft Canada’s 10 biggest stories of 2020

    FAA issues new proposed Boeing 737 MAX pilot training procedures

    FAA issues new proposed Boeing 737 MAX pilot training procedures

    AMD breaks revenue records for 2019 and 4Q

    AMD breaks revenue records for 2019 and 4Q

    Microsoft and Analog Devices pair on 3D imaging tech

    Microsoft and Analog Devices pair on 3D imaging tech

    Microsoft is killing off insecure Cloud App Security cipher suites

    Microsoft is killing off insecure Cloud App Security cipher suites

    Rap group call out publication for using their image in place of ‘gang’

    Meet the woman who’s making consumer boycotts great again

    Trending Tags

    • Golden Globes
    • Mr. Robot
    • MotoGP 2017
    • Climate Change
    • Flat Earth
No Result
View All Result
Azure Security News
No Result
View All Result
Home Tech Mobile

Denial-of-Wallet attacks: How to protect against costly exploits targeting serverless setups

by AZURE SECURITY NEWS EDITOR
January 14, 2021
in Mobile
0
Hackers Cryptojack Microsoft Azure ML Clusters
491
SHARES
1.4k
VIEWS
Share on FacebookShare on Twitter

Over recent years, the popularity of serverless computing has exploded, as organizations continue to realize the benefits of this easily scalable, cloud-based infrastructure model.

In fact, one study estimates that the number of serverless customers will exceed seven billion by 2021.

With this trend, however, comes the added risk of cyber-attacks specifically targeting cloud-based infrastructure.

Counted among this growing list of exploits is the Denial-of-Wallet attack – a lesser-known but easy-to-execute technique that that can leave victims severely financially damaged.

What is a Denial-of-Wallet attack?

Denial-of-Wallet (DoW) exploits are similar to traditional denial-of-service (DoS) attacks in the sense that both are carried with the intent to cause disruption.

However, while DoS assaults aim to force a targeted service offline, DoW seeks to cause the victim financial loss.

In addition, while traditional web-based distributed denial-of-service (DDoS) attacks flood the server with traffic until it crashes, DoW attacks specifically target serverless users.

Contrary its name ‘serverless’ does not mean the user isn’t connected to a server, but rather that they pay for access to a server maintained by a third party.

Denial-of-Wallet attacks exploit the fact that serverless vendors charge users according to amount of resources that are consumed by an application, meaning that if an attacker floods a website with traffic, the site owner could be landed with a huge bill.

Read more of the latest cloud security news

An attacker doesn’t personally gain from DoW attacks in the same way they might through other exploits – except, of course, from causing their target financial distress.

“When you have servers in a data center and an attacker just wants to bring you hurt, they can DDoS you and your site goes down,” explains Scott Piper, AWS security consultant at Summit Route.

“When you run in the cloud, an attacker can do things such that your site might stay up, but you’ll be bankrupt.”

Denial-of-Wallet attacks flood cloud infrastructure with traffic, at huge cost to the user Make it rain: Denial-of-Wallet attacks can cause huge financial losses for serverless users

What is serverless computing?

Serverless computing is when backend services are supplied on a ‘used-by’ basis. The company pays a serverless vendor to provide the infrastructure and maintain the server.

Popular serverless brands include Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP), which together count many millions of users.

Serverless pros

There are obvious upsides to using a serverless mode, one being that it allows smaller organizations to get their services live without the need to invest in hardware.

Another positive is that because the service is provided on a pay-as-you-go basis, the user isn’t charged for any bandwidth or resources they don’t use.

YOU MIGHT ALSO LIKE A guide to spear-phishing – how to protect against targeted attacks

“Serverless computing is stateless architecture for stateless applications, Erica Windish, founder of serverless vendor IOpipe, told The Daily Swig. ”I think there’s security benefits to such an architecture, as it enforces immutability.”

Because serverless environments are constantly being updated, this makes it difficult for malware or nefarious applications to stay dormant inside the infrastructure for too long.

Serverless cons

Employing serverless computing does, however, come with risks. For example, Windish notes, it can sometimes hinder the opportunity to perform an in-depth infrastructure analysis.

“Serverless also creates some challenges around security observability, such as if a compromised container is destroyed every five minutes to eight hours, how do you do a post-mortem? There are no tools to freeze or save those environments for analysis,” she said.

The serverless model also causes the user to rely on the vendor’s security practices. If the server is insecure, Denial of Wallet isn’t the only cyber-attack that administrators should be worrying about.

How can you spot a Denial-of-Wallet attack?

A victim will likely notice something is up when their bill is higher than expected. However, there are ways you can stop a Denial-of-Wallet attack before it becomes too costly.

In the first instance, Piper of Summit Route suggests setting up a billing alert. This will notify the user if they are exceeding a predefined spending limit.

Users should also employ limits to mitigate any runaway code, especially lines that can trigger an infinite loop scenario.

“Many people have stories about infinite loops happening in AWS that caused resources to be created over and over again, or a Lambda to trigger that caused itself to trigger again,” Piper said.

“This is a common enough problem that the Cloudwatch Event Rule documentation even has a warning about it.”

He added: “Without these limits an attacker could try to spin up a million EC2s, but due to these limits, the attacker might only spin up a few dozen EC2s.”

Denial-of-Wallet attacks are a growing threat to cloud computing securityServerless users should put limits in place to trigger billing alerts

Where does the term come from?

The origin of the DoW attack can be traced back to 2008, Piper told The Daily Swig, when it was termed ‘Economic Denial of Sustainability’ in a blog post by Rational Security.

Piper suggests that the term ‘Denial of Wallet’ was first used in 2013, pointing to a Twitter user named @gepeto42.

How can you protect against Denial-of-Wallet attacks?

There is no actual bulletproof protection against Denial-of-Wallet attacks. Instead, serverless users should put in place the above limits to trigger alerts should they become a target.

The OWASP Top 10 Serverless Threats (PDF) describes the risk of DoW:

To ‘protect’ against such attacks, AWS allows configuring limits for invocations or budget. However, if the attacker can achieve that limit, he can cause DoS to the account availability.

There is no actual protection that is not resulting in DoS. The attack is not as straightforward in traditional architecture as in serverless. Therefore, the risk should be high.

Measures should also be put in place to secure credentials associated with a serverless account.

Piper said that if an attacker is able to make costly API calls to a victim’s AWS account, “they likely also have the ability to delete all your files in S3, terminate all your instances, and cause other mayhem that has the potential to cause worse business impact”.

He suggested mitigating against this scenario by implementing least privilege services, enforcing multi-factor authentication on all users, and implementing service control policies.

Reference: https://portswigger.net/daily-swig/denial-of-wallet-attacks-how-to-protect-against-costly-exploits-targeting-serverless-setups

Share196Tweet123Share49
AZURE SECURITY NEWS EDITOR

AZURE SECURITY NEWS EDITOR

Related Posts

Microsoft Azure Forms Collaboration to Enhance AI in Healthcare

Azure Defender is now available for all IoT and OT devices

by AZURE SECURITY NEWS EDITOR
February 1, 2021
0

Microsoft announced Azure Defender for IoT hitting general availability for IoT and OT devices.This is a major step forward in...

How to use Microsoft Sysmon, Azure Sentinel to log security events

The Hack Roundup: Biden Orders Intel Assessment of Suspected Russian Malfeasance

by AZURE SECURITY NEWS EDITOR
January 26, 2021
0

President Joe Biden has directed the intelligence community to evaluate the widespread intrusion into federal agencies and U.S. tech companies...

Microsoft Outlines How To Set Up Windows Virtual Desktop

Enterprise Key Management (EKM) Market Incredible Possibilities, Growth Analysis and Forecast To 2025 – Google, EMC Corporation, Hewlett-Packard Enterprise, Gemalto N.V.

by AZURE SECURITY NEWS EDITOR
January 25, 2021
0

According to a new research report titled Enterprise Key Management (EKM) Market Global Industry Perspective, Comprehensive Analysis And Forecast by...

How to use Microsoft Sysmon, Azure Sentinel to log security events

Department of Homeland Security issues $3.3bn data center and cloud solicitation

by AZURE SECURITY NEWS EDITOR
January 25, 2021
0

The Department of Homeland Security has updated its solicitation for data center and cloud optimization services, with up to $3.35bn...

  • Trending
  • Comments
  • Latest
Microsoft’s CyberX Acquisition Boosts Security of Azure IoT Lineup

AZURE DEFAULT RESOURCE GROUP AND DEFAULT WORKSPACE: WHAT ARE THEY?

December 14, 2020
Microsoft Seriously Beefs Up Security in Windows Server 2019

TCS Launches Cloud Exponence on Microsoft Azure

January 21, 2021
Microsoft Launches Host of Security Products in Time for RSA

Microsoft to add two new Microsoft 365 security, compliance bundles to its line-up

November 26, 2020

Lady Gaga Pulled Off One of the Best Halftime Shows Ever

0

Barack Obama’s Now Mainly Focusing on Wearing This Casual Backwards Hat

0

Watch Justin Timberlake’s ‘Cry Me a River’ Come to Life in Mesmerizing Dance

0
Innovative solutions for IT workers at home

ZEDEDA Announces Integration with Microsoft Azure IoT to Seamlessly and Securely Orchestrate Distributed Edge Computing Workloads at Scale

February 24, 2021
A moment of reckoning: the need for a strong and global cybersecurity response

ZEDEDA integrates with Microsoft Azure IoT to provide full lifecycle management capabilities

February 24, 2021
Innovative solutions for IT workers at home

SolarWinds Attack: Proof That On-Premises Active Directory Still an Effective Initial Access Vector

February 23, 2021
Azure Security News

Copyright © 2020 - Azure Security

Navigate Site

  • About
  • Advertise
  • Privacy & Policy
  • Contact

Follow Us

No Result
View All Result
  • Home
  • News
    • Politics
    • Business
    • World
    • Science
  • Entertainment
    • Gaming
    • Music
    • Movie
    • Sports
  • Tech
    • Apps
    • Gear
    • Mobile
    • Startup
  • Lifestyle
    • Food
    • Fashion
    • Health
    • Travel

Copyright © 2020 - Azure Security

Welcome Back!

Login to your account below

Forgotten Password?

Create New Account!

Fill the forms below to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In