What’s The Difference?
Comparing
thecomparative
effectiveness
What
are the
risksofoffour
four common
common attack
vectors against
against in-house
in-houseand
andcloud-based
cloud-basedinfrastructure.
infrastructure.
WEB APPLICATION ATTACKS
Working in the cloud, you access everything through web apps.
That makes a web app the logical method for attacks against a cloud
based infrastructure. In-house infrastructures can and often do utilize
web apps; however, other time and effort efficient options such as
phishing and exploits tend to work against in-house infrastructure.
Low Risk
High Risk
VULNERABILITIES / EXPLOITS
Cloud based infrastructures are a high value target for any attacker as
they contain more than any single network. Due to this, their
administrators are often well aware of new and upcoming
vulnerabilities and exploits. Despite this superiority, they are also
working in an environment which has been researched less, so the risk
of unknown vulnerabilities and exploits remains relatively high.
Low Risk
High Risk
PASSWORD CRACKING
Password cracking is an omnipresent threat; however, while the threat
persists, it’s effectiveness greatly differs depending on the
infrastructure and safeguards utilized. Many in-house infrastructures
rely on single factor authentication (username and password), with
cloud-based infrastructure multi-factor authentication is the standard,
and as such the risk of password cracking is all but eliminated.
Low Risk
High Risk
MALWARE
Malware typically gets onto a system due to user interaction.
Unfortunately, those compromised systems are what an in-house
infrastructure is composed of. This is not the case with cloud-based
infrastructure. So long as the access is secured, malware on an end-point
system poses virtually no risk to the cloud based infrastructure. As the
users are not directly able to affect the infrastructure, it is relatively safe.
High Risk
Low Risk