This technique is an extension of the MITRE ATT&CK matrix and represents an attacker abusing a cloud misconfiguration.

Cloud misconfigurations refer to the setup or configuration of cloud services in a way that can leave the service open to exploitation. Examples include poor identity and access management, lack of data encryption, or insecurely configured network controls.

Mitigations: Examine the configuration of cloud accounts and services to ensure that security best practices are followed. Cloud Providers often provide best practice guidelines for each of their services.