risks / Resource hijacking
Description
Allows an attacker to use system resources for their own purposes. Typically used for resource-intensive pursuits such as cryptomining, or to provide infrastructure for other illegal activities such as running a bot net.
Risk: MEDIUM
Exploited in isolation, this risk has the potential to create operational burden or monetary costs, or access organizational secrets.
Mitigations
- Monitor resource usage and spend
Links
Affected Privileges
An attacker may be able to exploit this risk if they gain any of the following privileges:
Google Cloud Platform
Kubernetes
© 2023–present P0 Security and contributors to the IAM Privilege Catalog