Google Cloud Penetration Testing

THREATS, TACTICS AND PROCEDURES TTP

MITRE’S ATT&CK®

Google Cloud Pen Test

Initial Access to Google Cloud by Adversaries

1. Exploit Public-Facing Apps.
2. Trusted Relationship.
3. Valid Accounts.





Persistence of Adversaries in the Google Cloud

1. Account Manipulation.
2. Create an Account.
3. Implant Container Image.
4. Valid Accounts.

Privilege Escalation of Adversaries in the Google Cloud

1. Valid Accounts.





Defence Evasion of Adversaries in the Google Cloud

1. Impair Defences.
2. Modify Cloud Compute Infrastructure.
3. Unused/Unsupported Cloud Regions.
4. Valid Accounts.

Credential Access of the Google Cloud by Adversaries

1. Brute Force Attacks.
2. InSecure Credentials.





Discovery of Google Cloud’s Infrastructure by Adversaries

1. Account Discovery.
2. Cloud Service Dashboard.
3. Cloud Service Discovery.
4. Network Service Scanning.
5. Network Share Discovery.
6. Permission Groups Discovery.
7. Remote System Discovery.
8. Software Discovery.
9. System Information Discovery.
10. System Network Connections Discovery.

Collection of Data in the Google Cloud by Adversaries

1. Data from Cloud Storage Object.
2. Data from Information Repositories.
3. Data Staged.





Exfiltration of the Google Cloud’s Data by Adversaries

1. Transfer Data to Cloud Account.

Impact of Google Cloud Hacks

1. Defacement.
2. Endpoint Denial of Service.
3. Network Denial of Service.
4. Resource Hijacking.

