May 17, 2011

Video Feature: The Cloud’s Criminal Element

Nicole Hemsoth

The term “cybercrime” has been floating around since mass adoption of the Internet, serving as a catch-all term to describe a litany of network-enabled criminal activities.  The umbrella term covers everything from the infamous Nigerian deposit scam emails to far more orchestrated efforts that spawn from what can best be described as a virtual mafia.

As cloud computing creates increasingly vast, consolidated global networks with centralized points of access, the once generalized problem of network-delivered crime bears far more meaning. Not only does the availability of enterprise-level hardware on demand and easy anonymity create new opportunities for all-out assaults using the cloud, the cloud itself can also be a target.

Cybecrime and cloud security expert, Dr. Nir Kshetri from the Bryan School of Economics at the University of North Carolina in Greensboro took some time this week to chat about current challenges for cloud service providers as well as users. We spoke after his appearance at the United Nations telecommunications event, where he presented his findings on the current state of cloud security policies.

Kshetri has a unique perspective as he comes from the global economics point of view. In addition to writing on cloud security and the new era of cybercrime, he has also considered the global financial and regional conditions that create opportunities for the new wave of networked criminal activity.

The conversation is quite timely; matters of cloud computing security and reliability have once again stolen the stage following a month of publicized problems, including outages, use of public cloud resources to launch attacks on remote networks, and instances of data loss.

Whether it’s high performance computing or scientific applications in question or the smallest web enterprise delivering consumer services, these issues are worth harkening back to once in a while. Think about Kshetri’s point for a moment—not only is the cybercrime industry valued in the trillions of dollars, most cloud service providers are only spending 10 percent on security.

While overall, any of these events are far from the norm when it comes to use of clouds, they present a chance to ask critical questions that often get pushed to the bottom of cloud computing conversations. While “security” as a general topic is the standard for chatting about cloud, too often questions about data protection, liability in the event of loss or compromise, and the security measures underlying the most widely-used cloud services aren’t answered.

Note: For more on the economics of global cybercrime (and the role of cloud security) Kshetri is the author of “The Global Cybercrime Industry: Economic, Institutional and Strategic Perspectives” which can be found here.

Share This