Akademik Veri Yönetim Sistemi
Jordanian Journal of Informatics and Computing, cilt.1, sa.1, ss.37-48, 2025 (Hakemli Dergi)
The main objective of this study is to conduct a comprehensive analysis of cyber risks in cloud computing, including classifying threats, vulnerabilities, impacts, and countermeasures. This classification helps to identify suitable security controls to mitigate cyber risks for each type of threat. Additionally, this study aims to explore the main vulnerabilities in terms of infrastructure, service and platform in cloud computing. This study uses the content analysis technique to collect, analyze, and classify data in terms of types of threats, vulnerabilities, and countermeasures. The methodology comprises four primary stages: (1) identifying key components, (2) threat identification, (3) vulnerability identification, and (4) countermeasure identification. The results indicate that DoS attacks and account hijacking attacks were the most prevalent infrastructure vulnerabilities in cloud computing, each accounting for 14% and 10% of incidents. The results found that unpatched software and weak access controls were classified as the most critical threats in the service level in cloud computing, comprising 17% and 12% of incidents, respectively. The results also indicated that encryption methods, access controls mechanisms and firewall malware protection are the most significant and effective countermeasures for protecting the infrastructure, service and platform in cloud computing environment. The findings of this study provides valuable recommendations for academic research in classifying the different types of cyber threats and understanding the significant security controls against cyber-attacks in cloud computing.