Conventional discussion on cyberwarfare has dwelt on information warfare, though information warfare is here to stay which was validated by the cyber attack on Estonia in 2007 when the small country was crippled and the country had an emergency.
The Estonian attack seems like simple influenza when we analyse what the cloud computing services can facilitate as tool for cyberwarfare ; this would be an attack of pneumonia or even pleurisy with assured outcome as death.
The key strengths of the cloud are what is every Generals dream for fighting a war:
1. Rapid Elasticity - The cloud will not go down and is designed to withstand huge demands of computing when required. This is like men in an army who never get tired and the number of available fighting men are almost infinite.
2. On Demand Self Service - Anyone need to register a domain and you are fine to use the cloud services, you will also need a legitimate credit card for paying for the services. Both these identities are a breeze for any illegitimate agency whose intentions are malicious. Anyone can play General if he has a valid email id and a valid credit card, then he has access to his cyber army.
3. Resource Pooling - The cloud service provider will support your applications even if it calls for a cloudburst, this is like an army general with infinite ammunition in conventional warfare.
4.Broad Network Access - You can access the cloud services to mount an attack from any digital device which can access your cloud service provider. The cyber attacker could sit in a cave and use the cloud services through a satellite phone to execute an attack.
5. Measured Service may be the only tool that may be a deterrent to a cyber terrorist using the cloud since any abnormalities in storage, processing, bandwidth, and active user accounts can be monitored and suitable controls could be initiated. But if monitoring is not real time the General would have finished the cyber war before the measured service cuts off the computing supply.
The Cloud Infrastructure as a Service (IaaS) would be the preferred cloud service because it gives the cyber attacker an opportunity to deploy and run any software including Operating systems and applications. PAAS and SAAS can also be used as auxiliary armoury for a sustained cyber attack.
The cloud is already being used to break codes, passwords and algorithms because of its awesome computing power. Imagine what will happen in case of a planned cyberwarfare.
The cloud can be used to bring down all forms of communications telephony, wireless, digital, satellite and any other communication like radio and television which depend on information technology. Once the communication is down the utilities like power, transport (air,sea,road & rail), power grids, power stations will be brought down; the list is endless and all this can be done in a short period by mounting a well orchestrated cyber attack using the power of the cloud.
The cloud is a two edged sword and is like the nuclear energy which can be a great enabler but also a pain as nuclear arsenal in the wrong hands.
The cloud computing resources can be used to mount an attack on citizens, corporates and governments or even international agencies everyone is vulnerable.
We need to understand the perils of the cloud and strengthen its soft & vulnerable underbelly; outages of services providers like Amazon, Google and Microsoft should be a priority but regulating the use of the cloud for cyber warfare is far more greater.
We need to work together in securing the cloud; restrict access to the cloud to the bad element, so that we can preserve our digital world for our children and future generations of mankind.
The Estonian attack seems like simple influenza when we analyse what the cloud computing services can facilitate as tool for cyberwarfare ; this would be an attack of pneumonia or even pleurisy with assured outcome as death.
The key strengths of the cloud are what is every Generals dream for fighting a war:
1. Rapid Elasticity - The cloud will not go down and is designed to withstand huge demands of computing when required. This is like men in an army who never get tired and the number of available fighting men are almost infinite.
2. On Demand Self Service - Anyone need to register a domain and you are fine to use the cloud services, you will also need a legitimate credit card for paying for the services. Both these identities are a breeze for any illegitimate agency whose intentions are malicious. Anyone can play General if he has a valid email id and a valid credit card, then he has access to his cyber army.
3. Resource Pooling - The cloud service provider will support your applications even if it calls for a cloudburst, this is like an army general with infinite ammunition in conventional warfare.
4.Broad Network Access - You can access the cloud services to mount an attack from any digital device which can access your cloud service provider. The cyber attacker could sit in a cave and use the cloud services through a satellite phone to execute an attack.
5. Measured Service may be the only tool that may be a deterrent to a cyber terrorist using the cloud since any abnormalities in storage, processing, bandwidth, and active user accounts can be monitored and suitable controls could be initiated. But if monitoring is not real time the General would have finished the cyber war before the measured service cuts off the computing supply.
The Cloud Infrastructure as a Service (IaaS) would be the preferred cloud service because it gives the cyber attacker an opportunity to deploy and run any software including Operating systems and applications. PAAS and SAAS can also be used as auxiliary armoury for a sustained cyber attack.
The cloud is already being used to break codes, passwords and algorithms because of its awesome computing power. Imagine what will happen in case of a planned cyberwarfare.
The cloud can be used to bring down all forms of communications telephony, wireless, digital, satellite and any other communication like radio and television which depend on information technology. Once the communication is down the utilities like power, transport (air,sea,road & rail), power grids, power stations will be brought down; the list is endless and all this can be done in a short period by mounting a well orchestrated cyber attack using the power of the cloud.
The cloud is a two edged sword and is like the nuclear energy which can be a great enabler but also a pain as nuclear arsenal in the wrong hands.
The cloud computing resources can be used to mount an attack on citizens, corporates and governments or even international agencies everyone is vulnerable.
We need to understand the perils of the cloud and strengthen its soft & vulnerable underbelly; outages of services providers like Amazon, Google and Microsoft should be a priority but regulating the use of the cloud for cyber warfare is far more greater.
We need to work together in securing the cloud; restrict access to the cloud to the bad element, so that we can preserve our digital world for our children and future generations of mankind.
Comments
Post a Comment