RANSOMWARE TRACKING MAPS

Recent problems experienced with Ransomware are evident from infections, which have occurred in 99 countries including China and Russia. The organization that was worst hit by the attack was the National Health Service in England. It was reported that there was a WannaCry programme that demanded...

Are Cloud Providers Facing A Backlash Over Continued NSA Revelations?

Continued NSA Revelations

Edward Snowden, the NSA, Heartbleed – it seems every technology story at the moment is in some way linked to these topics. Whether or not you believe that the NSA was directly involved in the Heartbleed security flaw, it is apparent that cloud customers around the world have been rattled by the disclosure of mass government surveillance and security leaks.

What affect have these revelations and worries had on United States-based cloud providers?

Contract Cancellations

A Cloud Security Alliance (CSA) survey found that ten percent of non-United States companies cancelled contracts with American service providers following the admission of the NSA spying program in the middle of 2013.Worryingly for those providers, the survey also found that a massive fifty six percent of respondents are now reluctant to work with any US-based cloud service. Only thirty percent of those surveyed said that ‘spygate’ would have no impact on their use of cloud services.

The data surprised senior figures within the cloud computing industry. Jim Reavis, Co-Founder and Executive Director of the CSA, said the level of scepticism was greater than he expected, but pointed out that he “thought that more people would understand that these activities happen all the time in their countries as well”. Whether or not other countries conduct the same level of covert operations is not clear.

Foreign Intelligence Surveillance Act

Most customers cited one major stumbling block that would need to be addressed before they once again consider American cloud providers – transparency about the US government’s use of secret orders from the Foreign Intelligence Surveillance Act (FISA).

With internet giants such as Google, Microsoft, and Yahoo all being regularly subjected to FISA court orders, the report showed an almost unanimous call for the White House to disclose more information about the details that are being requested.

Virtually everyone that responded said that providers need to be able to provide at least aggregate information on what they are doing” Reavis said, pointing out that a majority of respondents want hosting companies to be allowed to disclose how many NSA requests they get for each customer record, what kind of information is being requested, and how much is being provided.

European Concerns

The region that cloud providers will be most concerned by is Europe. The cloud is already suffering from a slower uptake in Europe than in North America, and even before the Wikileaks disclosures last year European regulators had published a report warning about how FISA can be used to target non-US individuals located outside America.

The report stated that “FISA can be seen categorically as a much graver risk to European Union (EU) data sovereignty than other laws hitherto considered by EU policy makers” – a quote that led one European-based security firm to note that “”Right now, there are many customers who don’t want to buy American”.

After the Snowden leaks the EU Parliament voted to investigate the privacy and civil rights implications of the NSA spy programs on European citizens. The report is still being conducted, but it is certain that its conclusions will not be favourable for American cloud providers.

The Solution

What do you think is the solution the problem of trust and privacy in the cloud? Is it an inevitability of modern life that other people will be able to learn everything about us merely by switching on a computer, or is government spying an unacceptable level of intrusion? Let us know in the comments below.

By Daniel Price

About Daniel Price

Daniel is a Manchester-born UK native who has abandoned cold and wet Northern Europe and currently lives on the Caribbean coast of Mexico. A former Financial Consultant, he now balances his time between writing articles for several industry-leading tech (CloudTweaks.com & MakeUseOf.com), sports, and travel sites and looking after his three dogs.

View Website

SYNDICATED NEWS SOURCES

(ISC)2 and Cloud Security Alliance Host Cloud Security Summit to Help Cybersecurity Pros Securely Harness Cloud Technologies

By CloudBuzz | September 22, 2017

(ISC)2 and Cloud Security Alliance Host Cloud Security Summit Research cites strengthening of cloud security skills top priority over next three years CLEARWATER, Fla. ,Sept. 22, 2017 /PRNewswire-USNewswire/ — (ISC)² today announced it’s partnering with the Cloud Security Alliance (CSA) for the CSA…

Exclusive: T-Mobile, Sprint close to agreeing deal terms – Sources

By CloudBuzz | September 22, 2017

(Reuters) – T-Mobile US Inc (TMUS.O) is close to agreeing tentative terms on a deal to merge with peer Sprint Corp (S.N), people familiar with the matter said, a major breakthrough in efforts to merge the third and fourth largest…

Hack of U.S. securities regulator rattles investors, stirs doubts

By CloudBuzz | September 21, 2017

WASHINGTON/NEW YORK (Reuters) – Wall Street’s top regulator faced questions on Thursday about its defenses against cyber criminals after admitting hackers breached its electronic database of corporate announcements and may have used it for insider trading. The incursion at the…

Leaking Cloud Databases and Servers Expose Over 1 Billion Records

By CloudBuzz | September 21, 2017

Servers Expose Over 1 Billion Records As The Wall Street Journal recently pointed out, some clients of cloud service providers such as Amazon and Microsoft are accidentally leaving their cloud databases exposed due to misconfigurations of their services. Coupled with recent headline-making…

Thales Joins the Microsoft Enterprise Cloud Alliance

By CloudBuzz | September 21, 2017

SAN JOSE, Calif., Sept. 21, 2017 /PRNewswire/ — Thales, a leader in critical information systems, cybersecurity and data security, is now a member of the Microsoft Enterprise Cloud Alliance (ECA). Designed to foster innovation and promote awareness of partner solutions, the ECA membership…

Addressing the UK NCSC’s Cloud Security Principles

By CloudBuzz | September 20, 2017

As your organization adopts more cloud services, it’s essential to get a clear picture of how sensitive data will be protected. Many authorities, from government regulators, to industry standards bodies and consortia, have provided guidance on how to evaluate cloud…