Running head: GOOGLE CLOUD SECURITY BREACH Google Cloud Security Breach Dillion Pitcock Dr. Santiago CSU Global October 27th, 2019 1 GOOGLE CLOUD SECURITY BREACH 2 In 2019, hackers have abused Google Cloud platform to attack consumer routers. There have been DNS hijacking attacks against D-link routers whose origin is the Google Cloud Platform. The attackers use Google’s cloud computing service to reroute and intercept traffic in a variety of consumer routers. Some of these targeted routers included D-Link, ARGtek, and DSLink among others. The DNS hijacking attack caused the routers to redirect traffic to wrong websites. The attacks originated from rogue DNS servers hosted on the Google Cloud Platform. The attackers initially utilize the capabilities of Google’s cloud service to probe for vulnerable routers that have high chances of being exploited. The attackers use malicious code to remotely configure the targeted routers to specific DNS servers (own servers). Any user with a Google account has access to Google Cloud Shell that provides root privileges openly in a web browser. The routers are made more vulnerable by the delayed response from Google. The response time by Google after reporting cases of abuse is slow which makes the attacks easy to propagate. GOOGLE CLOUD SECURITY BREACH References Moore, M., & IGI Global. (2017). Cybersecurity breaches and issues surrounding online threat protection. Hershey, Pennsylvania: IGI Global 3
Purchase answer to see full attachment