Detecting and mitigating account hijacking in cloud services
Account hijacking happens when an account (either belonging to a human or a system/application/service account) is compromised and an unauthorized person gains access to use resources and data on behalf of the (usually high-privileged) compromised account.
Here are some common consequences of account hijacking:
- Unauthorized access to resources
- Data exposure and leakage
- Data deletion
- System compromise
- Identity theft
- Ransomware or malicious code infection
- Account lock-out
- Denial of services
- Denial of wallet (there could be a huge cloud spend due to resource misuses such as Bitcoin mining)
- Website defacement