As more people and companies alike, move to storing all kinds of data sets to the cloud, cyber criminals and hackers are increasingly targeting and attacking the infrastructure it’s based on, viewing it as a fruit-bearing jackpot. Organisations and CIO’s are embracing the cloud and it’s space-free, cost saving and supposedly un-penetrable qualities as they upload more and more personal/company information, intellectual property and trade secrets, which is only serving as an enticing challenge hackers are only willing to accept.
Although Cloud vendors, unsurprisingly, wholeheartedly vouch for their more secure un-penetrable offerings over the outdated hardware firewalls of older times, this has by no means stopped hackers from evolving and hitting where the fruit lies. Like us, they have a job to do and to quote the reason the infamous bank robber Willie Sutton gave for his prosperous career, “because that’s where the money is”.
Money is by no means the sole motivation for cloud attacks though; it is the challenge of breaking down the codes and barriers which surround the cloud, whether this is by a secret government agency or a braniac child in the back of their parents shed. Some companies are extremely due diligent in safeguarding their data on the cloud, using specialist advisors from top advisory firms like Deloitte, to make sure their property is untouchable from wandering codes. However, if you’re like me you will probably use the standardised one-fits-all installation. EY’s UK head of Cyber, Chris Gould says, “Attacks on cloud systems are increasing because many companies/individuals rely on a ‘standard’ installation process, which is then replicated for different customers and largely left untouched,” he explained, “Unfortunately some organisations take an ‘if it works don’t touch it’ approach to their cloud security systems, which means that updates and security patches are sometimes only installed when strictly needed,”
This is why we tend to upload to the secure offerings of Google and Apple alike, however like Ben Johnson, chief security strategist for Bit9 put’s it, “If we all just kept our money at home, it’s up to us to protect it. But we don’t want to worry about protecting money in our house, so we put it in a bank. That means it’s the bank which has to worry about security, which is great, but if they get robbed, all of our money is in one place for them to take.”
Essentially no-one is safe from the dreaded cyber criminals, however the more up-to-date, due-diligent and lucky you are, you should be ok.