Case Study: Is Cloud Computing Really Secure?
Cloud computing is the latest buzz. There isn’t a computing and data publication that doesn’t include something about cloud computing. The market size is into the billions of dollars. According to many in the industry, “a new virus is created every one to two seconds.” So is cloud computing really secure?
Cloud computing is not new. The concept of utilizing massive amounts of computing power in one location to address application owned or utilized by organization or individuals that are not commercially or personally connected has been going on for years. Today, popular applications such as Google Chrome, Amazon, Flickr photos, Facebook, MySpace, email services, and many others utilize cloud computing. Cloud Compton’s basic premise is that all of the services need outside access anytime and from anywhere. This is in direct conflict with the first line of defense. The first line of a defense in depth strategy is that of network-based controls or better known as “Firewalls” So, now we have massive amounts of computing power accessible from anywhere, always available and affordable. There is one lesson the industry has learned is that massive amounts of processing power can be used for good or evil. This is a hackers dream and hackers are in the early stages of a new series of attacks. These attacks will be more destructive and pervasive than what we have seen to date.
Due to the very nature of the systems architecture required for cloud applications, leaves the cloud extremely vulnerable. Gaining access is half the battle for cyber criminals. Now that cyber criminals have gained internal access, they can become more effective, faster and stealthier.
The known and yet to be discovered holes are now more accessible than ever. Botnets (bots) that can scan the entire cloud providers physical infrastructure will learn the vulnerabilities and attack from within. VM vulnerabilities that are just now being understood will be exploited. Cross machine attacks will begin to surface. DDoS will be launched within the cloud infrastructure, thus attacking the very customers housing data within that cloud. cyber criminals will place bots disguised as custom applications within the cloud. These applications will be used in a variety of ways. They can be used to consume an extraordinary amount of the CPU or the clouds computing cycles. This will, at the will of the cyber criminal, slow everything down and possibly to a halt. Disguised application will be used to turn on and off network defenses at will and without detection. Successful mutations are a function of access and computing power. It only takes a change factor of one bit to start a new virus. Thus, creation or mutations will escalate and side step the vast majority of today’s security devices. In the cloud, your data is now placed on massive storage disc. along with millions of other customers data. These types of attacks that will be coming forth will exploit these holes.
The only solution will be to add, “intelligence and inspecting all seven OSI layers using multiple sensors along with automation”. By detecting and then analyzing the little change factors, the payloads, the small attempts, and etc. These algorithms that take present evidence and accurately determine the proper solution can protect our vital computer and network infrastructure.
The cloud is not as safe as you might think.
Source: Popular Science April 2011 Issue “Hacking the Cloud”