Tag Archives: threat attacks

Cloud Computing: Easy Target for Cyber Criminals?

Guest writer Paul E. Lubic, Jr., has some definite ideas on the US government’s decision to employ Google’s cloud based computing model. Paul explains why, in his view, this risky venture will play into the hands of cyber criminals.

Here’s Paul’s report:

clip_image002The use of cloud computing by organizations to rent office productivity applications such as word processing, databases, spreadsheets, and presentations is less expensive than the current method of purchasing application packages/licenses.

However, any money saved by renting cloud-based applications rather than purchasing applications for use on local servers will, in my opinion, be lost and more, because of a much higher probability of having the data stored in the cloud hacked and stolen.

This opinion is based on the fact that the documents stored in the cloud are, for all intents and purposes, stored in one virtual location that is a big fat target for cyber criminals.

Consider that with the current method of using office productivity tools to create and store an organization’s documents, they’re stored on various servers owned by the organization.

Depending on the size of the organization, these documents will be spread across many different servers and storage devices, possibly on a common network. The advantage in protecting the data is that a cyber criminal will have a more difficult time gaining access to the many locations than if there were only one location to attack.

Here’s the really scary part. The US Government has recently awarded Google a security clearance for their cloud computing applications; indicating that they are clearing the way to begin using cloud computing, states a recent Los Angeles Times article: Google, Good enough for government work.

This is the same government that this past year was the victim of advanced persistent threat attacks that resulted in the loss of extremely sensitive national security-related data across numerous agencies.

Since cloud computing-based applications are also vulnerable to advanced persistent threat attacks…it seems to me we’ve just made the cyber criminals’ job a lot easier because once the crooks have gained access to one agency’s cloud-based applications, a huge advantage in itself, they’re smart enough to be able to access those of other agencies as well. Yep, one big fat target; the bad guys are salivating on their tee shirts as we speak.

Advanced Persistent Threat: Targeting an organization’s specific individuals who have elevated access in order to gain long-term, clandestine entry to applications and data.

If you’re wondering why the US Government would allow this to happen in the first place…I can hear the bureaucrats [defined: an official who works by fixed routine without exercising intelligent judgment] saying “We changed to cloud computing because it saved us lots of money. We didn’t know it was unsafe.” ‘Nuff said…they’re gonna to do it.

Let Paul know your opinion on this issue by commenting on this article; we all learn from each other when our views and opinions are shared.

Guest writer Paul E. Lubic, Jr. is a long time IT professional who has held the positions of programmer, IT Security Manager and Chief Information Officer.  His interests lie in the IT security area, but he writes on all categories of technology.

Paul is a mature and seasoned writer, with a rare ability to break down complex issues into an easy to understand format. Check him out at his Blog – Paul’s Home Computing.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

12 Comments

Filed under Cloud Computing Applications, cybercrime, Google, Guest Writers