Cloud customers risk collateral DDoS

Are your operations safe from neighbours and their unwelcome visitors?

Organisations considering a move to the cloud should consider the "neighbourhood” and a provider’s ability to shield them from collateral risks, security experts have warned.

According to Arbor Networks chief scientist Craig Labovitz, collateral damage was a “tremendous issue” for carriers, cloud providers and their customers.

“We see many cases where an attack against a small co-located or hosted website will impact dozens or more of other unsuspecting sites that reside off the same switch or cluster,” Labovitz said.

“At a larger scale, carriers can lose entire cross-country links impacting thousands or millions of customers due to collateral damage from DDoS [distributed denial of service].”

Last December, domain name provider EveryDNS terminated its agreement with Wikileaks as it came under a sustained DDoS attack after leaking US embassy documents to the media.

The provider said the attacks on Wikileaks would “threaten the stability” of EveryDNS infrastructure and almost 500,000 customer sites.

In September, a DDoS attack by 'Anonymous' hackers on anti-piracy lobby group AFACT caused performance degradation for many other Australian websites.

The attack directed 60,000 active HTTP connections and 100 Mbps of additional bandwidth on webhost Netregistry's 'Zeus' cluster of servers that hosted the AFACT website.

Thousands of other websites on the cluster were affected, plus some webmail services and website administration consoles.

In separate discussions with iTnews.com.au, spokesmen for Microsoft Azure, Amazon Web Services and Salesforce.com downplayed the possibility of collateral damage on their clouds.

Amazon

Amazon spokesman Regina Tan said the company employed the same security isolations as those found in a traditional data centre, including physical security, network separation, server hardware and storage isolation (pdf).

Amazon provided each customer with individual firewalls to prevent intrusion from other instances, as well as packet-level isolation of network traffic and industry-standard encryption.

An additional virtual private cloud offering provided further protection by blocking unauthorised IP addresses. Further, Amazon’s scale allowed it to invest more heavily in policing and countermeasures than individual companies could afford, Tan said.

“There is nothing inherently at odds about providing on-demand infrastructure while also providing the security isolation companies have become accustomed to in their existing, privately-owned environments,” she said.

“We often find that we can improve companies’ security posture when they use Amazon Web Services.”

Microsoft

Microsoft’s chief security adviser Stuart Strathdee also highlighted economies of scale as an argument for how the cloud might improve, rather than harm, availability.

While “you can never say never” when considering security risks, Strathdee argued that Azure’s ability to monitor and address attacks was “unparalleled”.

“In an Azure environment, it really comes down to what Microsoft has, compared to what an organisation can do on their own,” he told iTnews.

“We’ve got extremely high levels of monitoring ... If they [attackers] were able to take a workload offline – and that’s a huge if – the alerts go out immediately.”

Explaining that the Azure environment was far from static, Strathdee said Microsoft frequently moved workloads between resource pools, data centres, and countries, to allow for maintenance, balance resources and defend against attacks.

Can public clouds be completely safe? Read on to page two for Salesforce.com's experience and why providers won't reveal who lives in your neighbourhood.