December 10, 2013 No Comments-
Bjørn Lilleeng, Technical Integration Manager
– Security is mentioned as one of the real advantages when using Cloud technology. Old fashioned Enterprise systems often consist of a range of systems built over a long period of time. These systems have varying degrees of integration, and can have components built during a period with less emphasis on security. In addition, the competence of people maintaining such systems will vary a lot from enterprise to enterprise.
Such factors may make us wonder about the robustness of our enterprise network. Is my critical information safe? How large is the attach surface? What kind of vulnerabilities are exposed in my systems, ready to be exploited by all sorts of nasty malware?
Considering Cloud based solutions
So it is no wonder we look at the benefits of Cloud Computing, and sometimes consider applications residing in the Cloud as a better alternative. The fact that Cloud makes location irrelevant and solutions can scale automatically according to business needs, may be important factors. Other arguments in favor of using Cloud technology are not hard to find either:
But don’t let the Cloud lower your security awareness
In contrast to this comes the recent news about the hack of Adobe’s internal database. Like Kristian Bognaes mentioned in his “In the news”-blog, the number of stolen records from Adobe now has passed more than 150 million. Other large online service providers like RSA, Yahoo, Vodafone and others have also experienced security breaches over the last few years.
What makes me really concerned about the Adobe hack, is that it also involves stolen source code. We know from previous hacks that using known vulnerabilities in commercial software is a common way to get access to secured information. If the hackers also have access to the source code, it may make their search for vulnerabilities much easier than just brute forcing the binaries.
When RSA was hacked in 2011, according to RSA’s own blog, a vulnerability in Adobe Flash was used to install a backdoor (ATP) on an RSA employee’s workstation. An APT (Advanced Persistent Threat) is a piece of malware that stays resident for as long as it takes to steal user names, passwords and other credentials. In this particular case, data was stolen and used to harm RSA’s own SecurID product.
So far it is not known if hackers have used potential vulnerabilities in the stolen Adobe code to implement malware taking advantage of this. There may also be other code stolen from large commercial vendors that we have never heard of, code that is being analyzed by hackers right now.
The good old lesson is more important than ever
In other words – it is the old lesson again: Do whatever you can to keep the bad guys away from your network. Once they are inside, it can be really hard to get rid of them. You can spend a lot of resources on the very best infrastructure in the world, but if there is a weak link somewhere, this may be entrance to your network. And the favorite weak link in many cases is unpatched software.
In addition to keeping a rigid password regime, the recent events stresses the importance of keeping your systems patched at all times.
Norman Safeground uses cloud technology to implement many of the services offered to our customers. In upcoming blogs I’ll cover these in more detail.