Cyber war era cloud computing as a new weapon for hacker gunmen

The Iranian government has launched a massive cyber attack on US financial institutions using cloud computing, a feature of the New York Times recently. Internet attacks (cyberattack), which were frequently reported in the past, were launched by hackers such as Anonymous and LulzSec, but this time the "cyber war" between countries, and the cloud computing era is showing new problems.

An inexplicable cyber attack against the banks

According to the New York Times News report, the 2012 frequent cyber attacks on Bank of America, Citigroup and Wells Fargo (Welles Fargo) have introduced the analysis and perceptions of some security experts. The report noted that the attacks differed from the traditional approach and revealed some experts ' views that the Iranian Government was involved.

The key is that these attacks are not individual computers, but computers (server) networks in the datacenter. At the same time, although the target is the banking institution but there is no pecuniary loss, and there is no indication of customer information leakage. James A. Lewis, a computer expert at the Center for Strategic and International Studies in Washington, said: "The U.S. government suspects that the Iranian government is connected to these attacks." "Lewis worked for the Ministry of Commerce.

The report says there are countless cloud computing services, such as Amazon Web Services (AWS) and Google, that hijack some of the cloud computing services and use cloud computing's vast resources to launch a distributed denial of service DDoS for bank sites ( Distributed denial of Service) attack.

Network attacks using cloud computing

Experts at cloud computing vendors investigating the attacks found that the large amount of data used for the attack came from data centers and network hosting services that were distributed around the world, and had been infected with a highly radware and repetitive infection called "Brother No Problem (Itsoknoproblembro)" Of the malicious software, which sent the maximum amount of information flow up to 70G. However, the Radware company has not publicly infected cloud computing providers.

In addition, another feature of these attacks is the use of increased attack efficiency by sending a large number of encrypted (encryption) requests to the Bank's web site to slow down the site or crash its Web site. But in addition to malicious software, it is not known how the attackers hijacked the data centers.

The reports say these attacks on data centers are just the product of the Times. As more and more businesses and consumers use cloud computing services to handle their business, data centers are the targets of cyber attacks. Analysts at Forrester Research, an investigation firm, point out that attackers typically build private, proprietary clouds, stealing resources from poorly managed companies ' cloud computing systems, or building networks from multiple virtual institutions.

On the other hand, in an interview with The New York Times, the Iranian government issued a statement denying involvement in cyber attacks.

The era of cyber warfare has arrived?

In fact, since the frequent occurrence of new attacks, the media have begun to show reports of Itsoknoproblembro and Iran's involvement in the attacks. In October 2012, for example, The Wall Street Journal Journal Wall that Iranian hackers had launched cyber attacks against US banks that the Iranian government could support.

The report confirmed that the U.S. government in 2012 to prevent the development of Iran's nuclear program, the imposition of economic sanctions period, as well as the Iranian nuclear facilities launched a cyber attack. In June, the New York Times reported the fact that the United States and the Israeli Government had jointly developed the Stuxnet worm (the Super Factory virus) by interviewing people at the White House's status analysis room meeting. According to Wikipedia, about a 60% of the use of Stuxnet is concentrated in Iran.

In the fall of the same year, Business Insider, an American science and technology blogger, published an article called "How the U.S. government triggered cyber attacks by Iranian hackers", which specifically analyzed the trend of cyber warfare. The report also disclosed that more than 140 countries are conducting cyber-attack espionage and war-oriented functional development.

At the same time, the report said, because the Pentagon believes that cyber attacks have posed a threat to national security, it is legitimate for the military to engage in retaliatory acts, and that this series of cyber attacks could develop into a real war. Finally, the article cited the network Security Enterprise Stonesoft Network security director Jarno Limnell said: "At present, the network war is still in the field of uncultivated, is expected to gradually improve the relevant provisions." ”

The hacker's weapon changed from pistol to Cannon.

ReadWriteWeb, a well-known technology blogger, did not talk about whether this series of attacks was related to the Iranian government, but rather from the analysis of the use of cloud computing attack methods to explore the problem. The article talks about the difficulty of these attacks.

"The operating system and network infrastructure for hosting virtual machine containers is secure, and it is important to develop control access for containers that load user servers," said Patrick McBride, Xceedium, the marketing manager of the International and Remote control information management products provider. "And this is part of the work of a user enterprise that uses cloud computing services."

"If someone with an account in Amazon Cloud computing Services (AWS) can easily install and configure Hadoop cluster," McBride said. However, if you do not control access to the server, implementing patches and other maintenance will be as vulnerable as the server connected to the network. "In other words, cloud computing infrastructure is safe, but depending on the user's access management, the situation can be dangerous."

The Read Write Web concludes that because hackers can easily execute attacks through cloud computing, a series of attacks can be launched even if there is no government agency involved behind the incident. "One of the bad news for banks and other businesses is that hackers have turned their weapons from traditional virtual Pistols (PCs) into Cannons (cloud computing)," the article said. ”

At present, the relevant departments in view of the above situation are also intensifying the search for corresponding countermeasures. AOL, for example, has reported that DARPA (Defense Advanced Research Projects Agency), the U.S. Department of Defense Advanced Studies Agency (Anglo Online) In order to protect the system has been developed to prevent the use of cloud computing to launch a network attack software, the future is expected to make it a business solution.

It can be argued that the war between system managers and hackers, as cloud computing has entered a new phase.

(Responsible editor: Schpeppen)