Beware the Dreaded Cloud Pirates! - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Cloud
Commentary
7/15/2009
09:08 AM
David Linthicum
David Linthicum
Commentary
50%
50%

Beware the Dreaded Cloud Pirates!

I think the rise of cloud computing will leave many openings for criminals to take advantage of this paradigm shift. While many are concerned about malware and other types of attacks, the real money is to be made by fronting somebody else's intellectual property as your own, selling it "as a service."

In this San Jose Mercury News article, "Cloud computing may create new venues for high-tech criminals," Brandon Bailey outlines a compelling case around a potential downside of cloud computing: crime.

Matt Parrella, the federal government's top tech prosecutor in the Bay Area, had this to say:

"The trend toward cloud computing, in which businesses and consumers use the Internet to access data and software stored in remote servers, instead of their own computers, may create new opportunities for crime," Parrella suggested.

As an example, he mentioned cases that focused on shady operators who used overseas factories to crank out copies of counterfeit software on disks. Those cases may decline as software is more commonly sold online, Parrella said.

I see it as a bit more fundamental than that. I think the rise of cloud computing, typically by small businesses, will leave many openings for criminals to take advantage of this paradigm shift. While many are concerned about malware and other types of attacks, the real money is to be made by fronting somebody else's intellectual property as your own, selling it "as a service."

Take database technology, for instance. While you can lease Oracle as-a-service on the up-and-up from a cloud computing provider, what's to stop somebody else from placing a major brand database in their cloud and selling it as a multitenant service at a deep discount? Not much, considering that it's not difficult to do set up clouds these days, and it's just a matter of placing a provisioning engine in front of the technology, and you're in business. Same can be said for major enterprise applications, proprietary and sometimes confidential data, and other software intellectual property that can be delivered over the Internet.

Just like some issues with pornography and gambling sites, many of the criminal cloud computing sites will exist offshore and out of the reach of US laws. They will be difficult to prosecute, other than going after those who leverage the services, much like they are doing with the peer-to-peer music collectors these days. In many cases, I suspect, those who use sites that provide software-delivered IP that they don't own, won't know they are doing anything wrong until the Feds knock at their door. Or, worse, until you're sued by a software vendor for using services that you never knew were owned by them rather than your provider.

While there is really nothing you can do about these types of activities as a business, there are steps you can take to protect yourself:

First, make sure to create and communicate policies around the use of cloud-delivered resources, including the ability to validate the IP ownership, and establish formal agreements that limit your liability in case of IP violation.

Second, make sure to monitor use of remote sites. While this seems big brother-ish, I would look for patterns where a particular site is consuming a lot of bandwidth, and see if they are perhaps unsanctioned cloud computing sites that could come back and bite you.

Finally, provide training around the use of cloud computing, including some of the legal issues that should be understood. In most cases, knowledge provides the best protection.

This should not scare you away from cloud computing; it's just a cautionary tale to be a bit careful about whom you get into bed with.I think the rise of cloud computing will leave many openings for criminals to take advantage of this paradigm shift. While many are concerned about malware and other types of attacks, the real money is to be made by fronting somebody else's intellectual property as your own, selling it "as a service."

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Slideshows
7 Technologies You Need to Know for Artificial Intelligence
Jessica Davis, Senior Editor, Enterprise Apps,  7/1/2019
Commentary
A Practical Guide to DevOps: It's Not that Scary
Cathleen Gagne, Managing Editor, InformationWeek,  7/5/2019
News
Data Science Salary Survey Reveals Market Shift
Jessica Davis, Senior Editor, Enterprise Apps,  6/27/2019
White Papers
Register for InformationWeek Newsletters
State of the Cloud
State of the Cloud
Cloud has drastically changed how IT organizations consume and deploy services in the digital age. This research report will delve into public, private and hybrid cloud adoption trends, with a special focus on infrastructure as a service and its role in the enterprise. Find out the challenges organizations are experiencing, and the technologies and strategies they are using to manage and mitigate those challenges today.
Video
Current Issue
A New World of IT Management in 2019
This IT Trend Report highlights how several years of developments in technology and business strategies have led to a subsequent wave of changes in the role of an IT organization, how CIOs and other IT leaders approach management, in addition to the jobs of many IT professionals up and down the org chart.
Slideshows
Flash Poll