This is precisely the reason why I'm against moving everything to the cloud. Find your way into AWS or Azure and you will have everything on a silver platter.
This is very bad logic to be honest. When you have worked for some big companies, and I’ve worked for dozens and dozens of them, you know their security is basically Stone Age compared to anything in the « Cloud ». They have « firewalls » with rules nobody knows about and whether they are still valid or not, they have applications running on servers they don’t know about (I saw on more than a single occasion that the « solution » is just to kill the application to see if someone is still using it), they have servers that they can’t locate, they have MPLS networks connected to remote locations with ZERO physical security (and of course the MPLS network is connected to their datacenters like it’s a private network, i.e. with full access and no security at all), they have hundreds and hundreds of contractors with way way too much information, way way too much access, they have basically zero knowledge about what’s going on in the world of IT security, and they don’t have 10% of the people they would need to actually even try to do security, etc. etc. I mean, the security of those big companies is so ridiculous that it becomes funny. I suspect that those systems don’t crash more just because the hackers inside are actually maintaining them. There is no single doubt those companies would be 10 or 100 times more secure if they would move everything to AWS or Azure.
Until some day you get an article about a teen who was able to get access to any private message of any user just by asking support for access. Hum wait... already happened
Maybe the bigger you are, the more you think about security, but the bigger you are the more difficult it is to protect yourself
An organization that has spawned such a mess, and been unable to clean it up thus far, will be plenty capable of creating an equivalently insecure (but different in the details) mess on a cloud platform.
That might be true for a tech-competent company with a well-staffed security team, but for many companies and for individual data, I'd trust Amazon and Microsoft to secure my data more than I'd trust myself.
I think this is the wrong analogue. I absolutely would not trust Amazon or Microsoft with my personal data (I'm the type that hosts my own e-mail, sync, docs, etc.)
Now for a BUSINESS, I could see the advantage in less maintenance cost and being able to spin up/down services easily. It is easier and that cost is measurable (up to a point; when you get big enough AWS costs become obscene compared to self-hosting. I've been at more than one shop that moved things back on-prem to save money).
Yeah migrating to AWS is not cheaper. It never is. It’s a complete fucking lie to be honest.
I’m actually dealing with an issue where one RDS instance in AWS costs more over three years than the entire infrastructure and software investment did on the on-prem.
Pre-cloud I remember having 10 full time infrastructure guys to support 100 devs by building servers, installing software, setting up backups, buying licenses, setting up the network, creating credentials, patching software, etc...
Most of the projects I work on now have 1-2 IT people supporting 100 devs.
Yeah this line is the new "nobody got fired for buying IBM". No, but they ended up getting laid off eventually.
Will non-tech-competent companies without well-staffed security teams make it? How much individual, private digital data is likely to make it as long as say, a vellum manuscript?
Microsoft probably has a large network and lots of employees and vendors. So I'd assume that every day some machines are being compromised at Microsoft (like anywhere else with lots of employees and stuff like Google, Facebook, Amazon,...) - it's just not that unusual these days.
The question is if any of these leads to lateral movement and access of sensitive information or modification of data and stuff. No company is required to tell you about every single piece of malware they find in their networks - unless something "bad" happened. Maybe we should require more transparency in general.
I guess investigations will show what happened or is happening still.
At least in AWS, practice is to encrypt all connections between components, and to have granular least privilege permissions at every point. Behind the scenes AWS follows the same principles for the infrastructure. I would argue a lot of cloud set-ups are inherently more secure than the equivalent on-prem of large enterprises.
Encryption only helps if you can guarantee that your attacker can't get access to the layer below where the runtime decrypts things.
A cloud hack like the parent poster talks about assumes that you get access to the hypervisor layer and can look at the RAM of the guest machines.
This is not inconceivable. Rather, it seems quite reasonable given the complexity of hypervisors and the prevalence of CPU architecture bugs that makes these attacks easier.
If you're referring to the Capital One incident, that had nothing to do with AWS. Their systems behaved as intended. It was an error in the implementation of Capital One's systems.
Your misinterpretation of their comment is the source of your confusion: note that they said “a lot” and “more secure”, not perfect. There are many more breaches of on-premise systems but we don’t say that those are too risky to use — it all comes down to cost. One big advantage that cloud environments have is that you can assume everything is API-driven and there are off-the-shelf tools to look for common problems like the Capital One WAF setup. You certainly can do that on-premise but you have more work to do and the bespoke nature of the environment makes misunderstandings easier.
Having trouble finding a reference since the search terms aren't too friendly (lots of targeted ads though), was there one where it wasn't an account configuration issue?
Yes - but the alternative argument could be made that a million small organizations have no ability to stay on top of every little best practice, update, software, no dedicated security/zero day team, no ability to do investigations/in-depth analysis - i.e. easily compromised.
Apparently big companies also can't vet or properly compartmentalize third-party software either.
It's an untenable problem for organizations of any size. There aren't enough man hours to reverse engineer and vet all the third-party software that any sized organization uses. There's no community will to force vendors to do better either.
We need something like an Underwriters Labs for software. It probably will take the insurance industry coming down hard for things to change.
Do you say this because you think some hacker can gain access to the VMs where your data is stored? It’s significantly more likely that this will happen due to one of your engineers getting social engineered. While we don’t know the details of the SolarWinds breach yet, I’d be willing to bet the hackers did not gain access to production VMs.
If 5% of businesses are independently compromised every year, that's a painful but manageable drain on our economy.
If the [inter]national infrastructure goes down, with the firmware on every device on every internet-connected computer bricked at the same time due to a large-scale cyberattack (perhaps followed by a military attack a little while later), we're f-ed.
All this would take is:
- One zero-day each on Windows, MacOS, and Linux.
- Nation-state level resources to create a bricking firmware update for all commonly-used devices.
- Nation-state level resources to create a spreading attack for all major routers and network devices.
- Nation-state level resources to deploy this rapidly enough that response systems can't respond.
With 200 nation-states, it's perhaps just a matter of time....
(And yes, there's a lot more i's to dot and t's to cross, but I think they're all doable, with nation-state level resources)
Why destroy the computers? Just destroy the power grid. Get a few million smart meters to disconnect from the grid simultaneously and watch the sparks fly. Destroy a sizeable quantity of transformers and it will be months or years before power is restored.
I think this is more "movie plot", though. "Smart Grid" security has gotten tons better than it was at the start. A lot of very security conscious and smart people have been working on it.
Precisely what you said: Power grid has security. Compromising 90% of connected devices with a mainstream OS would, at once:
(1) Tank the economy
(2) Likely, be doable with resources totaling in the single-digit million dollars
Modern wars are largely about industrial capacity.
But if it is equally easy to compromise the grid, why not do both?
This may sound like a movie plot, but so did the invasion of Poland at the beginning of WWII, the attack on Pearl Harbor, nuclear bombs on Japan, the rape of Nanjing, or many other actual events which Actually Did Happen.
We tend to underestimate the impact of rare events: our brains are conditioned to discount anything which happens once or less than once per lifetime. That's likely why humanity will kill itself at some point.