Security experts recently wondered about data security within the current cloud computing environment. To test the waters in this sector, industry researchers performed an experiment to see how long it would take cybercriminals to infiltrate the typical cloud server arrangement.
As part of the investigation, participants set up six servers running different software, including Microsoft and Linux, and filled the hardware with a range of popular programs. Experts then invited cyberattackers to take their best shot at gaining access to the systems, offering a $5,000 prize for the first hacker to achieve this goal.
Within four hours, the bounty was claimed by Gus Gray, a 28-year-old former technology company employee who was by no means a professional cyberattacker.
"I just thought I'd spend two or three hours poking around and see what I could learn, and it would make for an interesting evening," Gray said after successfully permeating the servers.
This experiment illustrates the ease with which hackers can attack and gain access to cloud servers, and the need for boosted security systems. Although many users are drawn to cloud computing for its capabilities including application availability, scalability and cost efficiency, some don't consider the security needed to protect sensitive data stored in the cloud.
Rapidly expanding cloud market
Within the last few years, users in a range of industries have begun migrating assets to the cloud. Where the cloud market hit $46 billion in 2008, experts forecast that the sector will reach $150 billion in 2014 as an increasing number of organizations and individual customers utilize the cloud for a variety of purposes.
Research has shown Global 1000 organizations' IT teams will boost their cloud utilization by up to 25 percent, as they rely on two or more cloud services for both internal and external users. In addition, by 2014, up to 60 percent of server workloads will be virtualized, significantly raising the amount of content stored in and powered by the cloud.
However, with projected figures showing significant growth for cloud utilization, this creates increasing needs for boosted data security. As more content is stored in the cloud, service providers must be sure their system includes the most up-to-date safeguards to protect customers' sensitive information.
Data security in the cloud
Within experts' cloud server security experiment, winning novice hacker Gray reported how he was easily able to circumvent protections and gain total access to resources on the hardware.
Gray said he used a weakness within the arrangement's utility application which permitted remote access to the servers from the Internet, a functionality created for administrative use. The program was password protected, however the default password was hardly unique and Gray was able to guess it fairly quickly. After bypassing this applications' security, Gray could snoop and steal any information contained on the servers.
"A malicious hacker could easily write a computer program to scan for the vulnerability that Gray found, and use it to scan automatically for the same problem on any server in the cloud and break it," pointed out San Francisco Gate contributor Dune Lawrence.
In this way, it is important that service providers protect their cloud servers with more than just passwords. Service providers can utilize a server restore solution like Deep Freeze Server, which provides administrators the ability to rest easy when it comes to their server security. The technology specifically protects Web connected servers used for cloud applications, and enables IT personnel to restart the system and wipe any malicious programs from the hardware in the event of an attack. As service providers respond to increasing data protection needs, this is creating considerable growth in the global data center security market. Analysts show that the sector will grow at a compound annual growth rate of 8.23 percent within the next four to five years.
Educational technology blogger, loves to research and write about tools and tips for educators on how to integrate technology into everyday instruction creatively and effectively. Fond of reading and writing.
No comments:
Post a Comment