This last week the Washington Post published a bombshell story on the recent attacks on the US election infrastructure ironically under their motto “Democracy dies in darkness.”
On the Vidder blog Thursday I said that we were at cyberwar. My case was simple:
- Cyber warfare is by nature stealth;
- There are no cyber-specific treaties;
- The migration of attacks from economic targets to political suggests direct nation state complicity; and
- Now our intel agencies have proven direct Russian intel agency involvement.
Then a recent Reuters report broke that made things even more bleak: Russian officialsare demanding source code from US tech companies, even code for security products.
Reports are now emerging of a hack attack against UK’s parliament, another political target.
A pattern of increasing attacks against servers and devices and politically motivated targets is emerging and Russia named as the common source.
See this recent Wired piece on Ukraine: How an Entire Nation Became Russia’s Test Lab for Cyberwar.
For years many security experts have attacked cloud adoption, calling it a security risk. Yet recent events might accelerate cloud adoption, especially for legacy workloads protected by US tech giants flirting with releasing source code to have (ironically) greater access to the Russian market.
Even the perception of a source code sharing risk could dampen enthusiasm for traditional security products and get more CISOs considering protection by AWS, Azure or Google, who are investing billions in advanced infrastructure and might have enough market power to resist Russian demands.
Some of these companies are under tremendous operating pressures and having to fight off innovative startups and IaaS offerings that are catching up if not surpassing (in terms of security) for most enterprises. Some are struggling with layoffs designed to right the ship.
Now there is a source code risk that could give Russian hackers enhanced access to enterprise systems increasingly exposed by digitalization and growing populations of endpoints with network access.
Time will tell. IMHO cyberwar could be a significant new driver for the growth of cloud for existing, premises workloads.
By Greg Ness