Insider Attacks in Cloud Computing

The computer-security industry is familiar with the concept of a Malicious Insider. However, a malicious insider in the cloud might have access to an unprecedented amount of information and on a much greater scale. Given the level of threat posed by insiders, and the rapid growth of the cloud computing ecosystem, we examine here the concept of insider attacks in cloud computing. Specifically, if more of our assets are going to reside in the cloud, and as increasingly our lives, enterprises and prosperity may depend upon cloud, it is imperative that we understand the scope for insider attacks so that we might best prepare defenses. We need to understand whether cloud might expose our assets to increased threat in terms of both actors and attack surface. We present here an assessment of current insider threat definitions and classifications, and their applicability to the cloud. We elucidate the nature of insiders with reference to the cloud ecosystem and close with examples of insider attacks which are specific to cloud environments (and hence hard to detect using current techniques).