The Lighter Side Of The Cloud – Clandestine
The Lighter Side Of The Cloud – Google Glass
The Lighter Side Of The Cloud – Gaming
The Lighter Side Of The Cloud – iPhone Anticipation
Dark Clouds On The Horizon: The Rise Of Sophisticated Cybercrime

Dark Clouds On The Horizon: The Rise Of Sophisticated Cybercrime

Sophisticated Cybercrime

incapsula

The story reads as if it were pulled from the pages of a Tom Clancy novel: a collection of US banks suddenly starts receiving Distributed Denial of Service (DDoS) attacks that are carefully timed to re-strike just as their systems start to repair themselves. The attacks are carried out by waves of botnet zombies pouring from infected servers across the world and aimed at the United States. The main source of the outbreak is an innocent general interest website based in the UK that has been poisoned by a web design company out of Turkey. The alleged perpetrators of the attack: a shady extremist group based in the Middle East.

This, however, is not fiction. It happened in January 2013 and exists now as one of the case studies/success stories of Incapsula, (www.incapsula.com) a cloud-based website security company based in Redwood Shores, a short drive from San Francisco.

As computing technology has grown in sophistication and power over the years, so has the criminal element that seeks to exploit it. Individual interest groups, religious factions, even entire countries are at work seeking any and every weakness available inside lines of code, forms, executable files and any other seemingly innocuous paths that can lead eventually to disruption, destruction, theft and chaos.

In this case, the computers and the experts at Incapsula were able to detect and thwart the attack before any major damage occurred, but as Incapsula security analyst Ronen Atias writes in his account of the event, “this is just another demonstration of how security [on] the internet is always determined by the weakest link.” He points out that the simple mismanagement of an administrative password on the UK website was quickly exploited by the botnet shepherds in Turkey. “This is a good example,” he says, “of how we are all just a part of a shared ecosystem where website security should be a shared goal and a shared responsibility.”

Incapsula CEO Gur Shatz agrees. As a veteran security specialist and former captain in the Intelligence Corps of the Israeli Air Force, he has seen it all, and he sees the problem as growing in sophistication.

The reason for the rise in Advanced Persistent Threats (APTs) is less about who the perpetrators are, and more about risk versus reward,” he says. “The inadequacies of today’s defenses, juxtaposed with the ever-rising value of the information that can be stolen, represent a huge opportunity for cybercriminals. Personal or corporate devices are a tremendous intelligence source, carrying richer and more accurate data than ever before, but protections on these devices still mostly rely on outdated technologies such as passwords.

The interconnectedness of cloud technology presents both a good news and bad news scenario when it comes to the criminal element, Shatz says. The bad news is that the interconnected nature of the cloud has increased the exposure of an organization’s infrastructure. The good news, though, is that the cloud is a much less heterogeneous environment than the jungle of personal devices (smartphones, laptops, etc.), which means that the cloud-based production environment can be made more secure much more easily than corporate networks, which is where Incapsula comes in.

Shatz points out that in general, hackers are lazy and will almost always take the easiest path to infiltrate their target. The fact that an alarmingly large number of incidents involve simple password theft indicates that this is still a major issue. However, targeted attacks on more security-conscious companies certainly require more sophisticated tools, which are readily available to cybercriminals.

When assessing a company’ risk for exposure to APTs, is common for some to take a head-in-the-sand approach, thinking, for example, “I’m not a bank, I make farm equipment, so I do not have to worry.” But Shatz points out a company without any major secrets or critical online functionality is still subject to being used as a “mule” to conduct cybercrime, as with the “Tom Clancy”  scenario mentioned earlier. “Even small online businesses such as ecommerce sites, are vulnerable,” he says, “because downtime or slowness costs them both money and reputation damage. This makes them target to DDoS extortion (which is essentially the online version of the protection racket for physical stores).” Incapsula has seen several instances of this type of attack over the past six months.

Ultimately, Shatz says, shying away from the cloud rather than risking attacks of this sort is not an option, since even if you don’t go online, your competitors will. So it’s really a question of how secure your cloud environment and web applications actually are. Various types of solutions are available from companies like Incapsula and others. But avoiding the cloud, which is equivalent to putting your head in the sand and keeping it there, is not a solution.

By Steve Prentice

Steve Prentice
Follow us

Steve Prentice

Steve Prentice is a project manager, writer, speaker and expert on productivity in the workplace, specifically the juncture where people and technology intersect. He is a senior writer for CloudTweaks.
Steve Prentice
Follow us

Sorry, comments are closed for this post.

FREE! POPULAR RESEARCH TOOLS

Popular Archives

The Cloud Above Our Home

The Cloud Above Our Home

Our Home – Moving All Things Into The Cloud The promise of a smart home had excited the imagination of the movie makers long ago. If you have seen any TV shows in the nineties or before, the interpretation presented itself to us as a computerized personal assistant or a robot housekeeper. It was smart,…

Surprising Facts and Stats About The Big Data Industry

Surprising Facts and Stats About The Big Data Industry

Facts and Stats About The Big Data Industry If you start talking about big data to someone who is not in the industry, they immediately conjure up images of giant warehouses full of servers, staff poring over page after page of numbers and statistics, and some big brother-esque official sat in a huge government building…

Recent

Cloud Infographic – Top Vulnerable Applications

Cloud Infographic – Top Vulnerable Applications

Top Vulnerable Applications  As you use the Internet on a daily basis, you probably come across cyber security topics, but rarely glance at them twice. After all, cyber security threats don’t concern you, right? Well, that’s not exactly true. Cyber attacks are more widespread than you can imagine and they may be targeting your devices as…

The Lighter Side Of The Cloud – Whatever Happened To Alone Time?

The Lighter Side Of The Cloud – Whatever Happened To Alone Time?

By David Fletcher Are you looking to supercharge your Newsletter, Powerpoint presentation, Social media campaign or Website? Our universally recognized tech related comics can help you. Contact us for information on our commercial licensing rates.  About Latest Posts Follow usSteve PrenticeSteve Prentice is a project manager, writer, speaker and expert on productivity in the workplace,…

MOST RECENT - Posted by
New Trends In Cloud Based Education

New Trends In Cloud Based Education

Cloud Based Education With technological progress accelerating and users’ computer experience becoming richer and increasingly complex, the future developments in education technology is very exciting. Students are now able to attend demonstration sessions on how to handle technology through remote laboratories using advanced applications in a truly interactive environment. One of these exciting areas is in telemedicine.…

The Many Hats Of Today’s IT Managers

The Many Hats Of Today’s IT Managers

The Many Hats of IT Managers In years past, the IT department of most large organizations was much like a version of Middle Earth: a mysterious nether world where people who seemed infinitely smarter than the rest of us bustled around, speaking and typing languages that appeared indecipherable, yet, which made our world work. They…

Selling Your Business To Your Employees

Selling Your Business To Your Employees

Mobility For Your Employees It may seem a radical notion, the idea of selling your business to the people who work for you, but this is the era in which we now work. Employees of all levels are all incredibly aware of their options when it comes to mobility and employability. This doesn’t mean that…

Technology Sponsors

hp Logo CityCloud-PoweredByOpenstack-Bluesquare_logo_100x100-01
cisco_logo_100x100 vmware citrix100
Site 24x7 200px-KPMG
Advertising ROI Plans

Established in 2009

CloudTweaks is recognized as one of the leading influencers in cloud computing, big data and internet of things (IoT) information. Our goal is to continue to build our growing information portal, by providing the best in-depth articles, interviews, event listings, whitepapers, infographics and much more.

CloudTweaks Comic Library

Advertising