Cloud computing have three service models such as software as a service, platform as a service and Infrastructure as service. These all facilities are on cloud. But what are threats and attacks that occur on these models?
What are attacks that can occur on Cloud computing service models?
Different types of attack can be applied on IaaS, PaaS & SaaS depending on which components are residing on the cloud (see diagram attached). But bear in mind those internal components not in the cloud also can be exposed to attack if they are not fortified internally within the organization. You can refer to the CSA CCSK 14 domains that share what possible attacks & remedies are applicable to which components inside each IaaS, PaaS & SaaS (see pdf link below). E.g. Domain 8 for networking, server, storage & OS components, Domain 13 for virtualization component, Domain 5 for data component in IaaS & PaaS, Domain 10 for application component. Wishing you all the best.