Skip to main content
  • Industry Solutions
    • Managed Service Providers
    • Enterprise Solutions
    • Developers & Startups
    • Healthcare
    • Trading and Financial
      • Chicago Managed Trading Servers
      • Trading and Financial Colocation: Chicago & New Jersey
    • IBM AS/400 and iSeries Users
  • Support
    • Register
    • View Tickets
    • Submit a Ticket
    • Knowledgebase
    • News
  • Steadfast Blog
  • Steadfast Podcasts
  • Contact Us
Home
  • Call Us
  • Call | 888.281.9449
  • Login
  • Search

This form logs you into your management portal account. To access your help desk account, click here and use the form to the right of the news.

  • Cloud Hosting
    • Cloud Hosting
    • Private Cloud
    • Hybrid Cloud
    • Public Cloud
    • Cloud Storage
      • Secure File Share
      • Wasabi Cloud Storage
    • Virtual Data Center Platform
  • Managed Hosting
    • Bare Metal Dedicated Servers
      • Deep Learning GPU Dedicated Servers
      • Linux Dedicated Servers
      • Windows Dedicated Servers
    • Virtual Private Servers
    • Data Center Colocation
      • Managed Colocation
      • Chicago: 350 E Cermak
      • Chicago: 725 S Wells
      • Edison, New Jersey
    • Security & Compliance
      • Managed Firewall
      • SSL VPN
      • DDoS Protection
      • Email Security
  • Backup & Disaster Recovery
    • Backup
    • Disaster Recovery
    • Veeam Backup & Replication
    • Veeam Cloud Connect
    • Wasabi Cloud Storage
  • Why Steadfast
    • Why Steadfast?
    • About Steadfast
      • Our History
      • News and Press
    • Data Centers & Network
      • Our Data Centers
      • Our Network
      • Network Test
      • Peering Policy
    • Customer Stories
    • Service Level Agreement
  • Industry Solutions
    • Managed Service Providers
    • Enterprise Solutions
    • Developers & Startups
    • Healthcare
    • Trading and Financial
      • Chicago Managed Trading Servers
      • Trading and Financial Colocation: Chicago & New Jersey
    • IBM AS/400 and iSeries Users
  • Support
    • Register
    • View Tickets
    • Submit a Ticket
    • Knowledgebase
    • News
  • Steadfast Blog
  • Steadfast Podcasts
  • Contact Us
Close
Return to All Blog Posts
Why Do Hackers Want Your Cloud Server’s Resources

Why Do Hackers Want Your Cloud Server’s Resources?

March 1, 2017 in
Cloud

Any server connected to the internet for more than a few hours will come to the attention of online criminals. Usually, that attention is entirely automated: crawlers and bots trawl the internet looking for servers, probing them for vulnerabilities in the hope of finding a chink through which they can infiltrate ma and exfiltrate data.

To protect servers from online criminals, it’s useful to know exactly what their motives are: how do they benefit from taking control of a server. These criminals are pragmatic in the extreme, and before we look at some of the technical reasons they want servers, it’s important to understand the underlying motivation: money. The ultimate goal is always to generate revenue for the criminal, whether directly or indirectly.

There are different ways online criminals can make money, and most of them depend on having access to a reliable source of bandwidth and computational power. No one wants criminals to have access to their servers, and, when they find out they’ve been hacked, server admins immediately close whichever hole the attacker slithered through. Criminals have to constantly replenish their stock of compromised machines, which is why they’re always on the look out for vulnerable servers.

Botnets

A botnet is essentially a network of compromised computers under the control of a hacker. They’re used for a wide variety of purposes. One of the most common is as a platform to host the scanners and crawlers we mentioned earlier. Large botnets constantly prowl the web in search of vulnerable servers, content management systems, and eCommerce stores.

But they’re also used to launch distributed denial of service attacks. DDoS attacks use many different machines to bombard victims with huge amounts of bandwidth, knocking them off the internet. That much bandwidth is hard to come by, and the criminals certainly don’t want to pay for it, so they compromise servers and install software that can be used to direct the server to spray data at targets of their choice.

Spamming

You may not see much spam because modern spam filtering technology is very good. However, millions of spam emails are sent every day, most of it from compromised servers.

When inbox providers and blacklist maintainers realize spam is being sent from a server, they will block its IP address, which, in addition to having your server's resources wasted, will mean you can no longer send legitimate email from it.

Bitcoin Mining

Imagine that one day you receive the bill for your cloud infrastructure hosting, and it’s ten or even a hundred times larger than usual. This is not an uncommon scenario. Bitcoin miners target insecure servers and install mining software that uses the computer’s processing power to mine new Bitcoins.

The worst attacks of this sort happen when cloud management credentials fall into the hands of hackers, allowing them to spin up many high-compute servers, which can lead to a very surprising bill.

Intellectual Property And Sensitive Data

For companies that store sensitive data, a compromised server can be a disaster. The majority of hacked servers aren’t the result of targeted attacks against a company, but a company can have its reputation and competitive advantage if user or company data is leaked.

Hosting Malware Sites And SEO Spam

Finally, hackers use compromised servers to host websites that serve malware to unsuspecting visitors. Visitors are drawn to these sites by malicious advertising or phishing attacks, and when they arrive, their computers will be probed for weaknesses and compromised.

For the most part, your server won’t be targeted by a highly motivated and sophisticated attacker. Most attacks are part of the everyday automated numbers game played by online criminals. If you keep your servers’ software up-to-date and use unique and sufficiently complex authentication credentials, the chances of a successful attack against your server are reduced.

But, if your servers are targeted and compromised, it pays to use malware scanning and intrusion detection systems to find out sooner rather than later.

Share This
facebook twitter email compact

Comments (0)

Leave a Comment

Get an image next to your comment by visiting Gravatar.com and uploading a profile photo that links to your address.

Search the Blog

Categories

backup
(1)
bare metal
(1)
Business Talk
(23)
Chicago
(11)
Chicago colocation
(1)
Cloud
(34)
cloud backup
(1)
cloud services
(2)
colocation
(4)
colocation services
(1)

Archives

  • August 2022 (1)
  • March 2022 (3)
  • October 2021 (1)
  • January 2021 (1)
  • July 2020 (1)
  • June 2020 (1)
  • April 2020 (1)
  • March 2020 (1)
  • August 2019 (1)
  • July 2019 (1)

Follow Us

  • Facebook
  • Twitter
  • LinkedIn
  • RSS Feed
  • 312.602.2689
  • ColoHouse Sales
  • Facebook
  • Twitter
  • YouTube
  • LinkedIn

Services

  • Cloud Hosting
  • Managed Hosting
  • Backup & Disaster Recovery

Solutions By Industry

  • Enterprise Solutions
  • Trading & Financial
  • Healthcare
  • Developers & Startups
© 2023 Steadfast
  • Log In
  • Site Map
  • Legal Info & Privacy Policy