Security researchers and cybercriminals have started to pay closer attention to the cloud as more data moves to this environment. Infrastructure-as-a-service (IaaS) is one of the most prevalent cloud computing models and allows administrators to remotely provision underlying IT infrastructure on demand.
During our research, we found many issues with how the security of IaaS environments was managed. One of the main issues was incorrectly configured access permissions that allowed anyone to access sensitive information stored in the cloud.
Read more about how relatively unskilled attackers could potentially gain access to data in unsecured IaaS environments in our paper.