|Homepage / Publications & Opinion / Articles, Lectures, Preprints & Reprints (post 2002)
How the Cloud brings improved security
Peter Cochrane, Business Cloud News, 11 Apr 2011
Telecommunications and IT expert Dr Peter Cochrane discusses cloud security for Business Cloud News this week, and explains why the cloud could help us join together to mount a fight against hackers, attackers and schemers in the cloud. Or as Peter prefers to call them, “the Dark Side of the Force…”
Before the invention of gunpowder and the cannon a fortress might have made sense, whilst marching around a battlefield in a bright red tunic became suicidal when the slit trench, sharp shooter and machine gun arrived.
Camouflage and presenting a low target profile whilst moving at the right time are proven survival techniques for any theatre of conflict. And moving under the cover of darkness can improve the odds of survival even further despite the invention of radar and night vision technology.
The parallel between dodging bullets and dodging bits is now marked with the rise of Denial of Servise (DoS) becoming a regular feature of internet life. But the majority of web sites/servers/hubs and terminals are big, singular, dumb, static, very visible, and take no avoiding action – in short; they are sitting ducks. Firewalls are mostly ineffective against determined attackers, and the insider threat remains largely ignored despite generally being acknowledged as the biggest risk.
So, it is not too hard to guess what those companies and institutions are doing, who quietly go about their business whilst the rest reel against yet another broadside from the ‘bad boys’. It is also obvious that DoS attacks are not going to cease anytime soon. A growing and invisible army of compromised machines (botnets) is now a fact of internet life.
We should therefore see all forms of attack to be like snow in winter – no big surprise. But the power to repel or disable the attackers lies with industry, governments, and us as individuals. Every machine, server, ISP, and network node is a potential point of entry. Why make it easy for them? Why wait for an attack, suffer damage, and then act retrospectively to repair that damage and then go about trying to limit the effect of the next wave of attacks. And why-oh-why put all the eggs in one basket – one site in one static location?
There are people who actively participate in the dark side, as well as those who refuse to take precautions, or through ignorance, don’t know any better. There are also countries, ISPs and network providers who open the floodgates to everything. But we have reached a point where responsibility ought not to be optional.
If we don’t want to suffer damage, history tells us not to build fortresses, stand still, make ourselves stand out, or present a large target profile to an enemy. It appears that some have figured this out, but many have not. The next big opportunity for the majority is moving to the cloud where a lot of this will conveniently come for free or at very low cost. For sure it will become easier to identify the problem areas and isolate them, and/or rescue the problem children.
How will all this work? In the cloud we can act in unison and not in isolation, and we can leverage the vast population of innocents who just want to get on with life without damaging anyone or anything. We can also dynamically distribute our resources in the address field as well as geographically. We can choose to share information and experiences rather than think alone. But best of all we can move dynamically and take avoiding action faster than the attackers. However, we have to choose not to be victims to make all this work.
Today the attack surface is the planet, and it is hard-wired and solid. Tomorrow it will be diffuse, dispersed, ethereal and gaseous!
Finally, it will be easier to identify and isolate the bad guys and the compromised sites and machines than ever before. No doubt the ‘Dark Side of The Force’ will regroup, retrain, rethink, and make countermoves, but then it is up to us to ‘wise-up’ and move faster. Here is the crunch for them; we will all have a vested interest in The Cloud and there will be millions of creatives taking on their thousands of destructives. By weight of numbers alone we should win!