Database Reference
In-Depth Information
All of these attacks and counterattacks called the security of the cloud
enough into question to lead some well-respected experts to argue against
adopting cloud computing (Darrow 2013; Stapleton 2013). According
to the Privacy Rights Clearinghouse, in the irst two months of 2013,
twenty-eight breaches attributed to hackers were made public, resulting
in the loss of 117,000 data records (Gonsalves 2013). If hackers can steal
data from some of the largest computer and social-media irms, the larg-
est soft-drink company in the world, and vital infrastructure companies,
then whose cloud data is safe? Indeed, among the many attacks reported
in the winter of 2013, one that stood out made use of cloud computing
facilities to launch a concerted attack against major U.S. banks. Here
the major suspect was Iran, perhaps in retaliation for Stuxnet. However,
the most interesting part of the tale was not the culprit but the means.
Hackers mobilized the combined resources of several cloud data centers
to create what one account called their own “private cloud,” from which
they launched denial-of-service attacks that disrupted service for customers
of Bank of America, Citigroup, Wells Fargo, U.S. Bancorp, PNC, Capital
One, and HSBC, among others (Perlroth and Hardy 2013).
These hacking attacks are just those publicly reported. Many others are
known only to those affected because organizations do not want to call
attention to their vulnerabilities or to those they believe are responsible.
In fact, there is considerable debate in business and government about
whether attacks should be revealed at all. As one expert argued, “This is
just the tip of a vast iceberg, and the overwhelming majority of companies
today are terriied of talking too publicly about the issue, for fear of suf-
fering stigma or sparking panic. That means it is tough for any outsider to
get precise information about the overall scale of attacks” (Tett 2013). The
culprits also vary considerably from individuals intent on demonstrating
their prowess, to genuine thieves out to steal identities, company secrets,
and money, to others who are looking to disable corporate systems and
critical infrastructure ( New York Times 2013b). Far from diminishing
security threats, the move to the cloud increases them. That helps to
explain why attacks on U.K. businesses went from two a day in 2010 to
ive hundred a day in 2012 (Robinson 2013). As one analyst explained,
“All the vulnerabilities and security issues that on-premise, non-virtualized
and non-cloud deployments have still remain in the cloud. All that cloud
and virtualization does is enhance the potential risks by introducing
Search WWH ::




Custom Search