As the world moves more and more information to cloud services from the likes of Amazon and Google, these services don’t always interact as effectively as they should. Amazon Web Services can save you money, but Panos Ipeirotis tells a tale that shows there are cases where the cloud can backfire, writes Wired Enterprise’s Robert McMillan.

When Panos Ipeirotis checked his Amazon Web Services bill last week, he started to sweat. It was $1,177.76 — much more than he’d ever been charged before — and it was going up another $50 to $100 with each passing hour. He had no idea why. After a some investigation, he found the problem. He had accidentally invented details how he accidentally invented a brand new type of internet attack, thanks to an idiosyncrasy in the online spreadsheets Google runs on its Google Docs service, and he had inadvertently trained this attack on himself. He calls it a Denial of Money attack, and he says others could be susceptible too. Ipeirotis, an information operations professor at New York University, had created a pretty unusual spreadsheet. As part of an experiment in how to use crowdsourcing to generate descriptions of images, he had posted thumbnails of 25,000 pictures into a Google document, and then he invited people to describe the images. The problem was that these thumbnails linked back to original images stored on Amazon’s S3 storage service, and apparently, Google’s servers went slightly bonkers. “Google just very aggressively grabbed the images from Amazon again and again and again,” he says.

Amazon forgave the charges, and Google says it’s investigating, but a new cloud attack was born: The denial of money-attack. In his blog post on the issue, Ipeirotis writes he believes Google will do the right thing and fix the problem. But until it is fixed, anyone can set up a similar spreadsheet and launch a costly suck-job on an cloud customer. “Google becomes such a powerful weapon due to a series of perfectly legitimate design decisions,” he writes.

Weigh in: Will the denial-of-money attack strike cloud services again? What should Amazon and Google do to stop this from happening again?