Dangers in the Cloud

For most Survivalists the possibility of an apocalypse is never beyond reason.  With so many threats to our way of life, Economic Collapse, Pandemic Virus, Computer Born Virus, Solar Flare, Chinese EMP weapon, Nuclear War,  TEOTWAWKI, etc.  You can add one more to the list, Cloud Computing.

USA Berkey Filters

By GovernmentIT, a reader of SurvivalCache.com

Cloud Computing

For most business people, military brass, local, state, and federal government officials the term “Cloud Computing” sounds like a dream, the ideal way to do more with less resources.  To the rest of the world outside the information technology market the term “Cloud Computing” sounds like something to do with wireless or satellite technology.  It has nothing to do with these technologies.

Cloud Computing by definition means to harness the computing power of a large data center (or data centers) using high speed Dangers of Cloud Computinginternet connectivity. (Data Centers are explained below) What do I mean by this?  The future of computing will require people (including business, military, and government) to be hooked up to the internet in order to complete their daily tasks.  Computers in the future will basically be terminals to access software, hardware, websites, and databases housed on servers in a data center via a high speed internet connection.

To explain this to non-nerds, think of it this way.  When you first started doing email more than a decade ago, you needed to have a software program such as Microsoft Outlook running on your computer.  Now using Cloud Computing, all you need is a high speed internet connection to connect to a website where you log in with your username/password and boom….your email is viewed through a web browser….that is a form of Cloud Computing.  So the cloud has been part of your life for a number of years without you even knowing it.  Traditional computing runs software on your computer at your home or office.  Cloud Computing runs software from a data center over a high speed connection and your computer screen is just a terminal.

Cloud Computing – What is it? (Watch Now)
Cloud Computing Sales Pitch (Watch Now)

The Modern Data Center

Modern data centers are something of an engineering marvel.  These large concrete structures are a warehouse for computer servers and network equipment.  The first thing you will notice about a Data Center is that it will have no windows and no commercial signage on the outside of the building.  If it does have a sign, it might be something fake to throw people off from what is really going on inside.  Being low key, nondescript is the first rule in running a data center.  Remote computer hackers are obviously a major problem for the people who run data centers but an armed physical assault must also be countered as well.  The data and websites that these data centers hold are more valuable than all of the gold in Fort Knox.  Name a company and they have data stored at these data centers.  Microsoft, Exxon, Bank of America, JP Morgan, Google, Oracle, Dell, Ford, Duke Energy, etc.

The modern data centers are built with extreme redundancy in mind.  Power from multiple power companies, battery backups, Dangers of Cloud Computingcommercial grade diesel generators, redundant fuel contracts from diverse fuel suppliers, connectivity from multiple high speed networks, redundant network switches and routers, redundant HVAC systems, anti-hacking and virus firewalls built into the network, security grade fencing around the complex, security lighting, cameras throughout the inside and outside of the building, armed guards 24 x 7, heavy steel doors with multiple levels of internal security, locked steel cages to house the computer servers.  Data Center construction also takes into consideration weather, earthquake/hurricane prone areas, access to water, the flight path of planes, poverty/crime levels of the surrounding population, police & fire department capability, and much more.

Getting Access to the Data Center

To access your company’s rented steel cage in the data center, it comes down to three levels of security.

  1. Who you are.  (You must be on the list of approved personal to access the data center with two forms of Gov ID)
  2. What you have. (You must have the access key to your cage)
  3. What you know.  (You must know your personal access code)

These levels of security make it extremely difficult to fake your way into a data center.  If you are missing any piece of the security Cloud Computing Outagespuzzle you will be turned away and company/government personnel will be alerted to the attempted intrusion.  Some data centers allow no customer access, everything is done remotely over an internet connection.

Spotting one of these data centers is not hard if you know what to look for.  They are usually located just outside large cities in industrial parks.  They usually are fenced in with fencing that says “This fence will be hard to climb and hard to cut but there is nothing of real value in this building”, you will not see razor wire or a type of fencing that draws attention to the building.  Remember, low key is the first rule to running a data center.  There will be a limited number of windows and they will almost always be in the front of the building.  Cameras will be all over the building but difficult to see.  Security will be layered, no roaming personnel outside but the parking lot will sometimes be secured.  You have to enter the parking lot to really worry or alert security personnel to your presence.   You can usually see two large diesel generators out back and they are usually fenced in with a second layer of fencing.  You will not see any markings on these data centers because their location and identity are a bit of a secret.

These highly engineered data centers and the availability of high speed internet has led to this new concept of cloud computing and it all comes down to one thing, saving money.  If you are a small company and have to keep track of sales and customer data.  You can do things the old way, hire a network engineer or IT guy.  Have him or her set up a computer room in your building and install software on each employees computer and have reports sent to the main computer server located in your computer room.  By the way, you will need to be responsible for your own network security and any upgrades that need to take place on your employee’s computer.  Also if the power goes out in your building, you are screwed and your company is down unless the building has a backup power source which is highly unlikely.  Also if one of your competitors (or Chinese) like your products or ideas, they might break into the building while your staff is away to steal your corporate secrets and product plans.  All things you need to consider.

On the flip side, you could use cloud computing (US Government Moves to the Cloud).  As the CEO you can rest easy at night and saveCloud Computing Outages a ton of money by outsourcing your customer information and sales data to Salesforce.com and let Google or Microsoft be your new corporate email provider and never worry about spam and viruses again because they will be filtered out at the data center level by Google before they reach your workforce’s computers.  Amazon cloud services will now run all of your order processing and e-commerce site on their servers housed at one of their many data centers across the country.  Go ahead and fire half of your IT staff because now you have the experts at Salesforce.com, Microsoft, Google, and Amazon running your IT department and the only thing you have to worry about is the internet going down or the data center blowing up, which has never happened.

Now take this example and multiple it out by every Fortune 500 Company, Large Corporate Bank, Defense Contractor, Military Branch, Government Agency, and Small Business across this country and you see where the problem lies.  We are centralizing all of our resources and expertise into these data centers and the need to save even more money has now arrived.

Data Centers are very expensive to run and maintain.  We are now seeing a move to centralize many data centers into so called mega data centers.  These mega data centers will standardize software and hardware equipment to save money. These standardizations could allow adversaries to target key components of the data center and exploit them all at once bringing down multiple data centers in a major attack. The US Federal Government has recently announced the reduction of over 800 data centers and will relocate many server farms from different government agencies into the same data centers.  For example servers from the Treasury Department could be located with servers from Department of Homeland Security and so on.  This is already happening but will more than likely move to a larger scale as Government Agencies rush to save money and do more with fewer resources.  This is happening on a faster scale in the private sector.  It no longer makes financial sense for banks or private firms to run data centers.  They are not in the data center business; they are in the banking business.  Therefore it is not uncommon to see servers from competing banks or businesses in the same data center.

With the future of computing power and data storage being centralized into these mega data centers, it is cause for concern.  Already we have seen major outages in the cloud.  Once an outage happens, you have little recourse.  You can call the data center operator and their customer service person will say to you “We are aware of the problem, our staff is working to solve the problem, we have no estimate on how soon the outage will be repaired.”  If you can’t deal with  that….work on an off site redundancy plan.  Think it can’t happen?

Amazon Cloud EC2 Cloud Outage Down Redit, Quora
Amazon Cloud Outage Staggers Into Day 2
Amazon Cloud Outage Downs Netflix
Microsoft & Google Suffer Cloud Computing Outages
Cloud Computing Outages in 2011
The 10 Worst Cloud Outages
Outage Leaves Exodus Data Center in the Dark
Verizon Data Center Outage Causing Headaches
Savvis Outage Knocks Lycos Offline
GMAIL Outage Pours Rain on Cloud Computing Party

As the race to the cloud continues and more of your life will be on the cloud, be aware of your own personal critical infrastructure.  Access to money, credit, personal information, electricity, communication, and medical records.

About GovernmentIT –  a network engineer who works for a major defense contractor in the Metro Washington DC area and is a daily reader of SurvivalCache.com.

Photos By:
Bill Strong
Leading Edge
Digital Realty

Please support SurvivalCache.com by shopping at Amazon (Click Here to Support)

23 thoughts on “Dangers in the Cloud”

  1. Great article. Cloud computing is the next iteration of the old server-sharing model that made Perot a millionaire. Old is new again. The largest issue I have with clouding is the security issue, parred into two arms.

    The first is the vulnerability of your data to remote hacking, without your knowledge. Data has been hacked and stolen before, and not just at cloud centers. In more instances than not, the damage is not reported right away… certainly not as quickly as victims would like… which is NOW! Without your own security staff in place to detect and react to intrusions, you are at the mercy of the host and their staff.

    The second is this: demands on your data by law enforcement. The law can get a warrant, and take everything you have from a remote center. Unless you have a redundant host, your data is gone. with the data under your control locally, you can devise your own back-up protection methodology to deal with theft, by all sources.

    Reply
    • LP – now we are finding out that the government no longer needs a warrant. The old days….when the constitution meant something.

      Reply
  2. When I was a sys admin for the Phoenix PD, cyber security was fairly simple – we were not on the net. Period. When it was necessary to go net, the sys admin was there to monitor and control. Our National data searches was done by a separate machine that was not able to access our main system. In the 10 years I'm aware of, we were never hacked.
    That is NOT an option with the cloud. Don't like the cloud … but I'm paranoid. Blessed are the Pessimist, for they Hath made BACKUPS!

    Reply
      • Yep, as a pessimist, things rarely turn out as bad as I think they will, so even though I'm wrong, it is a pleasant surprise. If it is as bad as I think, then I was RIGHT.
        The Optimist has the same problem in reverse. Things are rarely as good as they think so they are always disappointed. Only rarely is it as good as they think and then they ONLY met expectations. Pessimist are happier people and more likely to survive.

        Reply
        • CaptBart, you're not a pessimist, you're a realist. A pessimist isn't happy when things go right he or she just waits until things fail like he or she said they would.

          I loved this article and I believe that GovernmentIT is just advising the readers on the dangers of relying on Cloud Computing Technology. In the days when the internet was young I would secure my system by not keeping any of my data on my hard drives. I am thinking of going back to that policy and I'm damned sure not going to put it out there on the web on a Cloud Server's drive space for anyone in the universe to access.

          Reply
          • KS,
            With the advent of tiny (really tiny) thumb drives with over 16 gigabytes storage available, there is no reason NOT to do as you suggest. I did some classified computing at one time; our machines did not have hard drives at all. The Bernoulli drives were popular and the machine had dual Bernoulli drives. We would plug in the drive to boot and store in a safe when not in use. Each user had his own Bernoulli cartridges – you couldn't even boot the machine without YOUR cartridges in it. Safe, secure. Now, those tiny thumb drives have more space than even the Bernoulli drives had so, if I was building a new system, ALL my data would be not on the hard drive.
            Just remember, IF there is a hard drive present the system often stores working copies of stuff to the hard drive. You must be very careful to configure your system properly or your hard drive may still contain stuff you want elsewhere.

  3. Love this site… And it’s always a good thing to be self prepared. But like it or not, technology is here to stay. I feel that extreme paranoia like this article just creates fear, disillusion and has the ability to dis attachment from society.

    Don’t be so extreme. Prepare for chaos… But for goodness sakes, enjoy life too! Living in constant fear and worry is no way to live your life.

    Reply
  4. Just because I'm paranoid schitzophrenic doesn't mean they aren't out to get us. By the way, don't look up or you may get hit with a missle from a Predator drone; they're probably using facial recognition, too.

    Reply
  5. I have worked for over 15 years in InfoSec Expert, SysAdmin, and Network Architect. While the cloud is a scary place for some it is as open to intrusion as any traditional data center. I have been using AWS (Amazon Web Servcies) and virtualization since it started and the instances you referenced were outages due to poor redundancy on the part of NetFlix, Quora, etc. They only used one availability zone (Virginia) for their AWS EC2 deployments. While not using others as backups.

    As for the mega data centers referred to in the post Apple has just opened a multi-billion dollar one in NC. The bigger threat to these places is not in my opinion attacks on them directly but more on what powers them and on the DNS system (see http://aspirationsoftware.com/indexdomain-name-sy…. There are 13 root name servers in the world which are the weak point of the Internet as we know it (http://en.wikipedia.org/wiki/Root_name_server). These are a much more obvious target than cloud computing. Since if they were attacked everyone would be screwed unless you know the IP address of where you are going.

    Reply
  6. FREAKIN' SCARY!!! Personally, I don't use the computer for much, if I didn't need my laptop for school then I probably wouldn't even have one… I would probably do all of my recipe development in an old spiral notebook like I used to do (along with the acompanying book of presentation sketch's); IF I was motivated, I would probably do all my preservation method/bushcraft descriptions or explanations/hunting and fishing methods/butchering methods/etc in big spiral binders; Would no longer have the annoyance of facebook (my friend set-up an account for me, I even have to ask her sometimes because I can't remember the password she gave me!); No email (which doesn't bother me!)… I guess not having computers doesn't sound so bad actually, though I would probably miss having so much reading matereal at my fingertips, I would miss netflix, and I would certainly get bored as hell without SurvivalCache & SHTF Blog! It's always nice to converse with like-minded folks. Guess it's all here to stay, for better or worse!

    Reply
  7. The cloud sucks. I am an IT grad with ten years experience and a survivalist, and I always advise people to avoid cloud computing.

    Reply
  8. I AM 68 , BEEN IN SURVIVAL SINCE I WAS IN MY 30'S . NOW HEALTH , MONEY AND PHYSICAL PROBLEMS MEAN I HAVE TO HOLD UP AND CAN BUG OUT ANY MORE. BUT, I SURE WILL TAKE A LOT OF THEM WITH ME. HAVEN'T SEEN THE WORST YET BUT IT SEEMS IT STILL IS COMING THIS WAY. GOOD LUCK TO ALL AND REMEMBER "KEEP QUITE". BIRDS OF A FEATHER– YOU KNOW.

    Reply
  9. Again another example of "Technology is great until it fails" is shown for its weaknesses along with its strengths. The danger with Cloud Computing technologies is that take out any of the data storage sites by any means and you've crippled a significant part of the economy. Such sites could be attacked virtually or physically. 24/7 guard forces are usually minimum wage paided contract security officers carrying what ever sidearm their primary employer issues them. All a really skillfull assailant would have to do is to park a EMP generator scaled to fit in a cargo van near to the facility and press the button. Another physical attack on such a facility would be a truck bomb or other explosive device. The bomber wouldn't even need ANFO the bomber could use propane tanks and PETN or similar explosive to make a crude FAB (Fuel Air Bomb) and take out a Data Center. Better yet just make an attack on the power grid and boom the area the Data Center is in goes into the Middle Ages over night.

    Reply
    • Attacking the power grid would not necessarily, or even remotely, bring down the data center. Any professionally run data center will have it's own battery back-up systems as well as on-site generators to provide uninterrupted service for such an event. Whether or not other infrastructure which provides access to the data center is still functional in a grid-down scenario is another matter (like, will your cable modem at home work when the power is out?), but the data center itself will likely be operational.
      Also, depending on how the building and security systems are constructed, an EMP may or may not have the capability to destroy the electronics inside. I don't have any evidence to support this idea, but I might suppose that some of the larger data centers, like for banks, Amazon, etc have or are incorporating faraday cage-like protection into their locations. I know I would if that was my job.

      Reply
  10. You realize "cloud computing" is just the modern equivalent of renting time-share on a mainframe, right?

    This is nothing new, and treating every new development as if it's the end of the world just makes people look like clowns.

    Reply
  11. Still think when it comes to computers, networks, etc. we as a people should take warning from such works of fiction as I Robot, Do Androids Dream of Electric Sheep/ Blade Runner, Total Recall, the game Traveller the New Era, both Battlestar Galactica serieses, and any Star Trek, Star Trek: The Next Generation that involves relying too much on computers or related technologies.

    Reply
  12. Computers in the future will basically be terminals to access software, hardware, websites, and databases housed on servers in a data center via a high speed internet connection Poppy

    Reply
  13. well the nice thing is that the NSA wont have to hack as it will have it already I call it the CLOD
    most are correct to have a hard copy or a personal notebook of survival information
    just in case a flsh drive full of copies of your information is great just encrypt it in case it goes missing
    encryption software can be found for free just make sure the passwaord is 20 long has a capitol letter and a special charater like a line of a poem a bible verse line from a movie but put in a ringer word in place of an original
    so any brute force cracking tools wont pop it easily in time nothing is uncrackable.
    I keep pictures scanned copies of important documents ebooks music movies personal videos It use to take more than a few now prices of flash drives are cheap 32 to 64 gig holds a lot of info if you have a lot of video just get more drives if the end does not knock out all power you can have a library of movies & books.

    while we can I would get a state I.D. and get acceptable copies of birth certificate and one more legal photo I.D
    just in case and keep them squirreled away with new laws your in trouble unless your an undocumented alien then they will just take your word for it <}:=)

    Reply

Leave a Comment