Clouds aren’t safe!

At last week’s Black Hat USA conference in Las Vegas, a number of security researchers demonstrated new ways of attacking cloud computing services. One of the more notable presentations, “Clobbering the Cloud,” looked at the vulnerabilities in Amazon’s cloud infrastructure, Apple’s MobileMe service, and Salesforce.com’s cloud platform. Another demonstration showed how both Microsoft and Amazon used insecure methods for password retrieval. And still another presentation examined how the supposedly secure protocol SSL could be defeated.

But hacks alone aren’t the only dangers to be found when moving to the cloud, as the Black Hat presentations quickly made clear. In reviewing the dangers brought up by the researchers, it was enough to make anyone wonder: is cloud computing putting us and our data at risk?
Cloud Danger #1: All Yours Eggs in One Basket

In Sensepost’s presentation about cloud vulnerabilities (available here as PowerPoint download), they make note of the fact that moving your data to a cloud service is the equivalent of “putting all your eggs in one basket.” Not too long ago, we saw a perfect example of the worst-case-scenario of doing just this. Earlier this year, social bookmarking site Ma.gnolia experienced a server crash that resulted in massive data loss - enough to shut down the service for good. Users’ bookmarks were unrecoverable. Permanently.

While that incident may have had only a minimal impact on the world at large, Sensepost pointed out a few other examples that were much worse including that of online storage service MediaMax (also called The Linkup) which went out of business following a system administration error that deleted active customer data. Then there was the incident where Salesforce.com customers were locked out of their critical business applications during a service outage. And finally, they mentioned Nokia’s Ovi crash which resulted in three weeks of lost user data as contacts simply disappeared from people’s phones. There were no backups in place, either.

Source

Related posts:

1. Global Secure Systems: Cloud Computing is safe…for malware “The danger here is that companies may find their...
2. Oracle all set to take lead in [private] Cloud Computing Cloud computing encompasses the areas of SaaS (software as...
3. Salesforce takes Haagan Dazs to the Clouds Salesforce.com is trying to expand on its already popular web-based...
4. SAS, NetSuite, SalesForce head for the Clouds SAS already offers OnDemand in a dozen areas, including...
5. Appirio connects friends in the Cloud to Salesforce When we talk about cloud computing, we often talk...
6. Security in Clouds: Leaky, buggy Clouds The bug made exploitation the electronic equivalent of a...
7. How Google and Amazon’s Clouds will kill Data Centers worldwide The Elephant in the Room: Google Google has been...
8. Indian IT firm, Wipro enters Cloud Computing market I asked how Wipro could compete in the U.S....

Leave a comment