How Cybercriminals Abuse Cloud Tunneling Services

Our research examines how cloud tunneling services work and how organizations can thwart threats that abuse them.

By Ryan Flores, Stephen Hilt, Lord Remorin

Cloud tunneling services, which allow users to expose internal systems from their homes or businesses to the internet by relaying the traffic through cloud-based systems, have grown in use over the past few years. Unfortunately, as with any kind of service that helps developers and infrastructure administrators, cybercriminals have been abusing these services for various illicit operations.

Legitimate cloud tunneling services are beneficial to a wide range of people, from home users to large-enterprise employees. They are also commonly used to help developers test and deploy code, and to share services with select people and groups on the internet. The use cases for these services range from small-scale, such as playing local games with friends, to industrial-scale, including testing out large systems on the internet before pushing the code to production. Malicious actors, on the other hand, have their own method of using these services: They employ cloud tunneling to mask their real locations as well as for short-lived purposes, so they do not deploy permanent online infrastructure. 

In this article, we describe the legitimate uses of cloud tunneling services for enterprises and contrast them with how cybercriminals abuse these services. We also delve into security implementations intended to help users completely block cloud tunneling, or as an alternative, since some might be using these services, to best gauge and monitor the potential risk that using cloud tunneling services could bring. We also take a look at defense strategies that involve the detection of both authorized and unauthorized use of cloud tunneling services, including any potential attempt to bypass corporate restrictions by cybercriminals or rogue employees.



Like it? Add this infographic to your site:
1. Click on the box below.   2. Press Ctrl+A to select all.   3. Press Ctrl+C to copy.   4. Paste the code into your page (Ctrl+V).

Image will appear the same size as you see above.