What is 'Cloud Hijacking'

Cloud hijacking is the breaking into or taking over of the cloud account of an individual, business or other organization by an unauthorized user. Cloud hijacking can be accomplished by stealing a user’s login credentials or by hacking. Cloud systems are an attractive target for cybercriminals since they contain so much information in a single location. This information can be used to steal money, commit identity theft and expose company trade secrets. It can also be used to spread malicious software or send users to spoofed websites.

BREAKING DOWN 'Cloud Hijacking'

Cloud hijacking occurs because cloud-based services have many points of vulnerability. An individual user’s account can be hacked through the theft of a device like a laptop or smartphone or by first compromising the individual’s email account or computer. An entire cloud service can also be hacked, at great expense to businesses and their customers. After hijacking a cloud account or system, criminals may manipulate or steal data and eavesdrop on company activities.

Cloud-based services are also vulnerable to service traffic hijacking where a hacker can redirect customers to a fraudulent site or a competitor’s site, and to denial of service (DoS) attacks that prevent users from accessing their accounts. In addition, hijacked cloud accounts can be used to install malware on other systems. Session hijacking, where an attacker pretends to be an authorized user and accesses his or her account, is one of the top cloud computing threats. Hijacking is not always immediately detectable, either, which can result in protracted losses.

Software that steals session cookie data can allow attackers to pretend to be authorized users and hijack a cloud-based account. Purposely embedded malicious code can steal a user’s session data and send it to an unauthorized user. Cloud hijackers can even use the data they steal to hold sensitive data ransom. Public networks where data transmissions are insecure increase the risk of cloud hijacking.

Ways to Prevent Cloud Hijacking

Users of cloud services can limit their exposure to cloud hijacking in several ways. HTTPS encryption that lasts for the duration of a user’s session can help protect against cloud hijacking. So can choosing a reputable cloud storage provider that uses strong security measures. Such measures might include conducting background checks on employees, requiring strong authentication measures for cloud users, continuously monitoring data, securely backing up data and encrypting sensitive data. However, some of these protective measures are also potential weaknesses; for example, encrypted data becomes inaccessible if the encryption key is lost, and multiple backups of cloud data mean more opportunities for it to be stolen. It’s also important to ask about a prospective cloud service provider’s history of breaches, data losses and downtime.

RELATED TERMS
  1. Cloud Security

    Cloud security is the protection of data stored online from theft, ...
  2. Cloud Computing

    Cloud computing is a model for delivering information technology ...
  3. Cloud Storage

    Cloud storage is a way for businesses and consumers to save data ...
  4. Cloud Mining

    Cloud mining offers a mechanism to mine a cryptocurrency such ...
  5. Encryption

    Encryption is a means of securing digital date using an algorithm ...
  6. Eavesdropping Attack

    An eavesdropping attack is an incursion where someone tries to ...
Related Articles
  1. Tech

    Hacker Protection: When to Get a Personal Cloud

    With data breaches increasing, it's more important than ever to find the safest way to store your valuable files.
  2. Investing

    What the AWS-VMware Cloud Deal Means (AMZN, VMW)

    VMware's private cloud and virtualization tools will run on Amazon's public cloud platform, catapulting AWS' dominance against rivals Google and Microsoft.
  3. Investing

    Microsoft Now the No. 2 Cloud Supplier: Gartner

    Microsoft is closing in on Amazon in the red-hot cloud computing market.
  4. Investing

    Google, Nutanix Announce Cloud Partnership

    The deal will help large enterprises sign up for Google's cloud service using Nutanix's products.
  5. Investing

    What's Behind Cloud Peak's 56% One-Month Rise? (CLD)

    With its year-to-date stock gains of 167%, coal producer Cloud Peak Energy has operated above the clouds for some time.
  6. Investing

    US Complains About China Cloud Restrictions

    U.S. lawmakers sent a letter to the Chinese ambassador complaining about restrictions on foreign cloud computing players.
  7. Investing

    Apple Confirms It Uses Google's Cloud for iCloud

    Google's cloud wins business from market leaders Amazon and Microsoft.
  8. Investing

    Google, Cisco Ink Cloud Deal to Take on AWS, MSFT

    The tech giants will jointly develop products for use in the cloud and in on-premise data centers.
  9. Investing

    Amazon Leads Cloud Services by Wide Margin (AMZN)

    Amazon continues to be the undisputed leader of cloud infrastructure services.
  10. Investing

    AT&T Joins Amazon in Cloud Partnership (T, AMZN)

    The U.S. telecommunications conglomerate will link its private network service with AWS shortly after securing another cloud deal yesterday with IBM.
RELATED FAQS
  1. Why is the Dark Cloud Cover pattern important for traders?

    Learn the significance for traders of the dark cloud cover candlestick pattern, a bearish indicator closely related to the ... Read Answer >>
  2. Is Apple Pay safe and free?

    Learn more about Apple Pay, one of Apple's newest and most metamorphic programs that is changing the way consumers purchase ... Read Answer >>
  3. When is managerial accounting appropriate?

    Understand the difference between managerial accounting and financial accounting, and learn common scenarios in which managerial ... Read Answer >>
  4. What are the advantages of paying with Bitcoin?

    Learn how payments made with Bitcoins offer certain advantages over standard currency, including user anonymity, no taxation ... Read Answer >>
Trading Center