Day: October 23, 2012

The Private Cloud: A Cyber War Bomb Shelter

As the amount and the importance of the data that people, businesses, governments capture and store electronically have increased, so has the frequency of every type of cyber-attack. Much attention has been paid to financially-driven hacking and hacktivism, the two most common forms of cybercrime. However, a rarer though much more devastating type of cyber-attack—cyber warfare—has been grabbing many of the headlines lately.  As a result, companies may be wondering what they should do to counter this threat and if it should influence their choice of infrastructure. In any case, the best option for most businesses would still be to select private cloud solutions, which provide the greatest protection from every kind of cyber-attack.

The severity of the cyber warfare threat was reinforced by a speech last week of the U.S. Secretary of Defense, Leon Panetta, in which he warned of the susceptibility of vital American assets to cyber-attacks by enemy governments and extremist groups. He pointed to the recent cyber-attacks against the websites of major U.S. banks and the Shamoon virus that targeted oil companies in Saudi Arabia and Qatar as evidence of the potential impact of cyber warfare. Panetta also warned of cyber-attacks that would target the nation’s chemical, electrical, and water facilities and transportation networks and “could be as destructive as the terrorist attack on 9/11.” He used the example of terrorists hacking into an electronic transportation system and derailing and crashing trains, some filled with passengers and others carrying hazardous chemicals. Panetta went on to say, “No one has a greater interest in cybersecurity than the businesses that depend on a safe, secure and resilient global, digital infrastructure.” He added that the private sector cannot expect the military or the government to protect it from cyber-attacks. Instead, companies have to beef up their own network security. They also need to be willing to share data about attempted and successful cyber-attacks with the government.

Some observers have dismissed Panetta’s speech as an attempt by the Obama administration to pressure the opponents of a cyber-security bill that has stalled in the Senate. Others worry that the Secretary of Defense may be using the threat of cyber war to increase government and military control over the Internet. PC Magazine writer John C. Dvorak also puts forth the interesting argument that the conditions for a widespread and destructive cyber war do currently not exist, since terrorists and terrorist states do not have the resources to conduct massive cyber-attacks and because China and Russia would harm their own economies too much if they succeeded in crippling the infrastructure of the United States.

However, even if one discounts the train example and the “cyber Pearl Harbor” rhetoric as over-dramatic, the recent bank and Shamoon cyber-attacks—which were perpetrated by Iran, according to most intelligence experts—should be enough to convince businesses of the significance of the cyber war threat by themselves. The bank attacks in particular demonstrate that a company doesn’t have to be the target of a cyber-attack to be harmed by one. In this case, consumers and businesses could not access their online bank accounts, resulting in delays or cancellations of sales and transfers. Similarly, cyber-attacks aimed at the electricity grid and the transportation system would affect thousands or millions of companies in addition to the targeted utility or transport organization.

Business owners may look at this situation and say to themselves, “I don’t have anything to do with defending banks or utility companies from cyber-attacks. There’s nothing I can do to protect myself from a cyber war.” In fact, private clouds offer significantly better protection from advanced cyber-attacks than public clouds or on-site infrastructures. First, many private clouds have in-place, enterprise-level network security. Smaller businesses can afford this degree of network security because they share the costs with their hosting provider’s other clients instead of paying for its design, implementation, and maintenance themselves. Second, private clouds would not be affected by an attack targeting a local electricity grid or transportation system because of their off-site location. Responsible private clouds providers also have backup systems spread throughout the country to prevent any kind of disruption or data loss. Finally, if a foreign government were to target a cloud computing service, it would likely set its sights on the millions of IT infrastructures hosted by a large public cloud, not the dozens of IT infrastructures on a normal-sized private cloud.

Companies looking for the best protection from every kind of cyber threat should select Private Cloud Solutions from IronOrbit. Our Orbital Security System protects your data in transit (network security, encryption), in storage (access control, audit trail, antivirus, antispyware), and in use (performance monitoring, content filtering). We include with all of our solutions a data backup system that features daily off-site backups, weekly server snapshots, geographically-separated facilities, and an ambitious Recovery Time Object (RTO) of 12 hours and a Recovery Point Objective (RPO) of 4 hours. Our Virtual Desktops can also prevent unintentional data loss by prohibiting the outward transfer of data. Despite all of these security features, IronOrbit Private Cloud Solutions also possess unsurpassed performance, reliability, and accessibility. With IT solutions from IronOrbit, you can take shelter from cyber threats without sacrificing costs, collaboration, or speed.