Your Cloud Held Hostage – Could It Happen?


Today we have a guest editorial as Steve is away on vacation.

I bet most of you have thought about the loss of a data center, but how many of you have worked through the consequences of a deliberate attack on one? One designed to destroy your capacity to serve customers and make money, or to extort money in exchange for the return of your hardware and data? That’s bad enough in your local colocation facility, but what if it were to happen to your cloud vendor?

Farfetched, right?

You sure about that?

On the level most of us think about, I bet cloud security is good. Encrypted storage and encrypted network. Biometrics, armed guards, carefully vetted staff, on-site destruction of old hardware, multiple fences and lots of monitoring. Presumably some really good safeguards at the Cloud OS management level to manage true admin access to the hardware that runs the VMs that power your part of the cloud. Presumably it’s better than many of us do internally.

Most of this security is designed to detect and stop hackers. It’s also reasonably good at keeping the same hacker from social engineering their way inside. What happens when you get a different kind of attacker though?

  • A physical assault on the facility by an armed team to breach and then hold or destroy the facility
  • Car/truck bomb
  • Plane crash
  • Bio/chemical attack

Those are military-grade threats. Are the cloud centers equipped with the mindset and hardware to stop those? I don’t know, but if I had to guess? Probably not.

What happens if the cloud data center that was hosting you is destroyed? You are paying to geo-replicate, right? You do have some kind of independent backup that you can restore? What happens if the attackers have physical possession of the storage and are trying to compromise the encryption so that they can read your data and share it with the world?

I know I’m channeling Tom Clancy a bit here, but my point is that the scale of these sites makes them a far more interesting target than your local colo. I’m not saying we shouldn’t move to the cloud because there are risks, but we should think about all the risks. If the cloud is successful, almost all of our eggs will be in their basket, and sooner or later someone will try to steal or destroy that basket. Make sure you plan for the storm and hope it never happens.