Threat actors may rent Virtual Private Servers (VPSs) that can be used during targeting. There exist a variety of cloud service providers that will sell virtual machines/containers as a service. By utilizing a VPS, Threat actors can make it difficult to physically tie back operations to them. The use of cloud infrastructure can also make it easier for Threat actors to rapidly provision, modify, and shut down their infrastructure.
This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.