Some odd and potentially dangerous behavior within the Google Cloud Platform (GCP) was revealed by cloud security company Mitiga Thursday. If GCP is not configured correctly, it could be exploited by attackers to engage in malicious activity inside a user’s cloud environment, according to a blog posted on the Israeli company’s website.
The behavior is linked to one of the APIs used by Google Cloud. The API allows users to retrieve data from serial ports, but by creating a virtual machine in the cloud, data could also be continuously written to the ports. Moreover, because of the way Google Cloud classifies such traffic, administrators aren’t given much visibility into it.