Cloud Computing is a relatively recent term in information technology. With its flexible and powerful computational architecture, it offers significant benefits to the users. It is suitable for short-term projects, where the applications require high performance for the launching but no large investments for the infrastructure are required. As a result, it can be abused by hackers and cybercriminals to crack passwords, keys and encryptions, where a massive parallel cloud performance is required to speed up the operations.
The main goal of this thesis is to answer the question: What is a Cloud-Supported Attack? To help answer this, it focuses on the issues of why penetration testers, cybercriminals and hackers use cloud resources, how they own and use them and why it is hard to prevent them from using cloud for illegal operations.
To address the aim of this thesis in a meaningful way, it is divided into three main chapters. The first chapter provides a theoretical introduction to Cloud Computing and its related technical terms. The second chapter then focuses on the methodologies, how cloud resources are used to break encryptions and passwords to stage the DDoS and other attacks and to provide the related technical specifications.
In order to combine the theoretical explanations of the first chapter and the methodologies of the second chapter, the third chapter describes two famous real-life incidents, where Cloud Computing is used to attack specific targets.