By Carl Weiss
Image courtesy of |
Most people think that cloud computing is a relatively
new technology. The truth of the matter
is that it has been around since the 1960’s. A blog on computerweekly.com
points out that,
“The idea of an "intergalactic
computer network" was
introduced in the sixties
by J.C.R. Licklider, who was responsible for enabling the development of ARPANET
(Advanced Research Projects Agency Network) in 1969. His vision was for
everyone on the globe to be interconnected and accessing programs and data at
any site, from anywhere, explained Margaret Lewis, product marketing director
at AMD. "It is a vision that sounds a lot like what we are calling cloud computing."
Courtesy of sysnet.uscd.edu |
Other criteria that took the concept away from early adopters and
made it more mainstream were the obvious financial benefits that the technology
offered in terms of backing up data, as well as increased storage capacity
without having to invest in new hardware.
The downside was that those wishing to store sensitive data on the cloud
had to deal with worrisome the question of online security.
Andreas Asander, vice-principal of product management at
virtualisation security specialist Clavister, said that once the security
issues are resolved, cloud computing services "can enable an enterprise to
expand its infrastructure, add capacity on demand, or outsource the whole
infrastructure, resulting in greater flexibility, a wider choice of computing
resources and significant cost savings."
What Color is Your Cloud?
While the
cloud offers a number of opportunities to users, currently there are three
operating models:
1.
Infrastructure as a
Service (IaaS) –IaaS provide physical or virtual machines, image libraries,
block storage, firewalls, IP addresses, Virtual Local Area Networks and
software bundles to users.
2.
Platform as a Service
(PaaS) – The Paas model provides a computing platform such as a web server where
programmers and developers can run their software solutions on a platform
without having to buy and manage the hardware.
3.
Software as a Service
(SaaS) – SaaS users are provided access tp databases and/or applications for a
flat or monthly fee. In a SaaS model,
users access the software from the cloud client.
While users
can access all of the abovementioned services using a variety of devices, some
users rely on the cloud to run nearly all their applications. The cloud services can be mixed and matched
depending upon the user’s needs.
Generally, there are six service models from which to choose:
1.
Private Cloud is an
infrastructure designed and managed for the users of a single entity or
organization. Corporate data centers are
examples of private clouds. The infrastructure for these data centers can be
either managed internally or by a third-party.
2.
Public Cloud renders
services to the general public.
Providers such as Amazon, Google and Microsoft provide public access to
their managed data centers via the Internet.
3.
Hybrid Clouds are
created when two or more cloud services from different providers are offered to
users. They can pull together some
combination of public, private, and community cloud services under one
umbrella.
4.
Community Clouds serve
several organizations with a common interest.
This way costs can be shared between two or more organizations wishing
to avail themselves of a Private Cloud.
5.
Distributed Cloud – Where
a Community Cloud allows organizations to share cloud resources, a Distributed
Cloud shares machines located at different locations by a single network or hub
service.
6.
Multicloud uses multiple
services to reduce the risk of a single vendor going down and thus leaving the
user with no service.
The Dark Cloud
The Dark Cloud
Image courtesy of pinterest.com |
data. Anyone with access to the data could either accidentally or purposely alter or delete the data. Since some cloud providers share access with this information with outside entities, this would mean that the only practical way to protect the data would be to encrypt it.
Anyone that
uses cloud services such as social networks or blogging platforms (which are a
kind of cloud service) knows that the information contained therein is not only
shared with the hosting agency, but they actively profit from data mining this
information. What many people are
unaware of is the fact that ALL of the information displayed on social nets and
blogs is actually owned by the service provider and not the author.
There is
also the real risk that a hacker can not only gain access to a user’s cloud
service, but it is also possible for a hacker to not only alter the content
contained in the cloud, but to lock out the legitimate user. It is not uncommon for hackers to demand a
ransom in order to have the legitimate user’s access restored. (Failure to pay the ransom usually causes the
hacker to delete the users information.)
It is also possible that hackers can use the information gleaned from a
user’s social networks to hack their way into a user’s computer, tablet and/or
smartphone.
In a recent
article in usatoday.com. entitled, Hackers Ramp Up Computer Attacks That Demand Ransom, writer Erin Coker points out
that,
“Hackers operating on the Internet's "Dark Web" are
spreading a new, more sophisticated generation of the malicious software known
as "ransomware," anonymously shaking down anyone with an unprotected
computer, from lawyers and cops to small businesses. Where small groups of
anonymous hackers once hit individual consumers, the hackers have now organized
into crime syndicates that boldly launch massive attacks against entire
companies.”
http://www.usatoday.com/story/news/nation/2014/05/14/ransom-ware-computer-dark-web-criminal/8843633/
She also pointed out that these attacks are
usually initiated when someone boots up only to find an ominous warning with a
ticking countdown clock informing them that they have a limited time to pay the
ransom or risk the destruction of their data. This can result in one of three
scenarios:
1.
The user pays up and their asset is
unlocked.
2.
The user runs out of time and their data
is destroyed or their machine is locked permanently.
3.
The user pays and the hacker takes the
money only to renege on freeing the user’s data or machine.
From slideshare.net |
When you
take into consideration that some of these coordinated ransomware attacks were
successfully delivered to hundreds of thousands of victims in ten days, this
results in tens of millions of dollars in ransom. The worst thing is the fact that ransomware
is on the rise. The FBI’s own website
reads,
Ransomware has been around for several years, but there’s
been a definite uptick lately in its use by cyber criminals. And the FBI, along
with public and private sector partners, is targeting these offenders and their
scams. . Recently,
we’re seeing an increasing number of incidents involving so-called “drive-by”
ransomware, where users can infect their computers simply by clicking on a
compromised website, often lured there by a deceptive e-mail or pop-up window. Another
new trend involves the ransom payment method. While some of the earlier
ransomware scams involved having victims pay “ransom” with pre-paid cards,
victims are now increasingly asked to pay with Bitcoin, a decentralized virtual
currency network that attracts criminals because of the anonymity the system
offers.
The bottom line is while cloud computing is a tremendous boon to the public in terms of saving time and money when it comes to accessing computing power, unless serious security issues are resolved, there could come a time when cloud computing disappears like a puff of smoke.
Carl Weiss is
president of Working the Web to Win, an award-winning digital marketing agency based
in Jacksonville, Florida. You can listen
to Carl live every Tuesday at 4 p.m. Eastern on BlogTalkRadio
No comments:
Post a Comment