You’ve likely heard of Denial of Service (DoS) or Distributed Denial of Service (DDoS) attacks, but did you know there is also another ..oS attack threat called Economic Denial of Sustainability (EDoS). This is where attackers take advantage of auto-scaling features with cloud providers and can cause your cloud bill to spike.
Attackers primarily target infrastructure as a service (IaaS) solutions. EDoS attacks use a common pattern of DDoS attack methods: exploiting cloud system vulnerabilities, such as old software versions, unsafe protocols, and publicly exposed IP addresses to install malicious software. They take over devices or cloud resources, which follow the attacker’s instructions and send fake traffic packets to a target system or service. This additional traffic causes the cloud service to scale up until it becomes economically unsustainable.
I haven’t seen many tools to defend against this attack, if you know of any let me know of Twitter or add a comment below.
I sent this to our Cyber Security and Networking teams for comment.
I suppose in the short run, the best defense would be a good alerting rule on either increased traffic or when things start to scale up.
I think applied ML to a baseline of traffic with observability would help. Combine that with a hardened practice around FinOps could likey catch most. Shared resources would be tougher