Steve Jones - SSC Editor - Thursday, January 24, 2019 9:13 AM
It doesn't have any access until it does. Sigh.
If you can get to it via the net that opens an access route for any hacker anywhere on the planet to get to it, provided they find a way. Given the inherent complexity of cloud systems the attack surface is much larger than an on-site server that has one carefully shielded point of entry.
1. There are more companies involved, thus far more employees that can be compromised and/or corrupted.
2. There are many more computers, routers, etc. between you and your data.
3. There are more computers involved directly (failover, virtual systems, containers and the like).
4. There are many companies data concentrated in one place, making it a big juicy target.
The more complex the system the more attack surface it has. The more people involved the exponentially higher possibility for A) procedural error, B) configuration error, C) corruption, D) disgruntled employees.
Thus an infinitely larger attack surface. Just look at all the supposedly secure systems that have been hacked in 2018 alone.
It's a case of the Emperor's new clothes in cyber-space.