From the course: Cybersecurity with Cloud Computing

Incidents in the cloud

- [Instructor] Deploying technology into the cloud may provide a number of business benefits, but as with any technology deployment, things can go wrong. It's useful to understand the history of security incidents in the cloud in order to avoid repeating past failures. (ISC)² published a 2019 cloud security report, which indicated that 26% of businesses using cloud had experienced an incident. There were four significant types of incidents: data exposure, malware infection, account compromise, and exploitation of vulnerabilities.

Data breaches are the big sensation, and there's a lot of them, as we can see in the Information is Beautiful graphic. Many of these are cloud data breaches. The Indian Jobseeker breach involved a publicly accessible MongoDB database hosted on Amazon AWS. The OxyData breach was from a Google Cloud server, although this server was not one owned by OxyData. The Chatterbox breach was an unprotected Amazon database run out of Mumbai. In this case, one which Chatterbox owned and should have protected.

But it's not always attacks. Sometimes things just go wrong. Cloud services can fail. On Sunday, June 2, 2019, Google customers experienced a catastrophic failure of their cloud services for up to 4 1/2 hours. The networking issues affected YouTube, Gmail, and Google Cloud users like Snapchat and Vimeo.

Data loss is also an issue. On the 2nd of September, 2019, an Amazon data center in the US-East-1 region had a power failure. The backup generators came online, but subsequently began failing, which impacted around 7.5% of compute and storage elements in the availability zone. Amazon was unable to recover some customer data.

Governments can seize cloud services. In 2009, the FBI raided Core IP Networks in Dallas and seized servers, routers, and storage. In 2011, the FBI seized servers belonging to hosting company DigitalOne. Not only did this cause a number of websites to disappear, but it also meant that the FBI had access to the data on those servers. A similar incident occurred in 2013 when the Royal Canadian Mounted Police seized equipment from Vancouver web hosting company White Falcon Communications. Its owner subsequently filed a lawsuit against the Attorney General of Canada and two Canadian police alleging the seizure caused his business to collapse. In the US, the legal position relating to the application of the Fourth Amendment to cloud data is still developing, with some lower courts finding that consumers have a reasonable expectation of privacy.

A cloud incident can be an existential threat to a business, resulting in business failure. One of the early such cloud incidents was the malicious attack on Code Spaces, in which hackers took revenge on the company for not paying the ransom they demanded. We'll look at a couple of these incidents in more detail to understand how they occurred.
