So you're hanging out minding your own business when suddenly you get hit by a car. After the investigation, it turns out that the car was actually aiming for the person next to you. Only you're the one that is dead.
I was participating in a Cloud Computing Security workgroup run by ENISA this week, and the concept of collateral damage came up.
Cloud computing gets its benefit through the efficiency of resource allocation. It gets this benefit by allowing multiple parties to share the resources since they only need some subset of the maximum available resources.
Regardless of the architecture, there will be a point where resources (cpu, network, storage, application, etc.) are shared, and an attack against those resources may affect multiple parties. For these scenarios, the risk associated with those multiple parties must be considered.
Some examples of collateral damage:
- An attacker acquires a virtual machine through commercial means or compromise and executes a previously unknown VM escape attack, or an attack against the storage subsystem.
- An attacker finds a SQL injection vulnerability against a SaaS provider.
- An attacker operating from resources shared by you, is identified by authorities and those resources are confiscated by government authorities.
It is not clear that these risks are particularly high, and if you are extremely risk tolerant it is unlikely that they will impact you at all (it is the resource with the