Black Hat – Windows isn’t the only mass casualty platform anymore

Windows used to be the big talking point when it came to exploits resulting in mass casualties. Nowadays, talks turned to other massive attack platforms like #cloud and cars

In years past, a massive Windows exploit netted mass casualties, but here at Black Hat, talks turned toward other massive attack platforms like clouds and cars. Windows is no longer alone at the front of the pack, hackwise – it has company.

It makes sense. If you can find a cloud exploit like one presented here on multi-tenant cloud platform database hacks, one user can slurp up data from another company with a few commands. That’s not good.

The cloud, by nature, is multi-tenant. This means multiple clients rent a segment of a single shared resource from a cloud provider. But where the intersections exist between tenants and hardware, a single flaw can expose many tenants to badness, and how would they know? How would you know?

Cloud vendors are more anxious to publish their security efforts than their security holes. And unlike Windows, where malware has to go snooping about machine by machine with comparatively small connections between them, the cloud naturally facilitates massive exploit spreading velocity between platforms, users, and data.

While some cloud vendors have made promises to protect you against this sort of thing, they favor themselves over your data. You, on the other hand, probably feel your own data is the more important thing.