The Skynet is upon us and it has chosen Amazon as its prime target. (For non-Terminator fans, Skynet is the main antagonist in the Terminator franchise — an artificially intelligent system which became self-aware and revolted against its creators. April 21st was the date when Skynet began its attack on the human race.) Proving to be true this time, Skynet struck in the guise of massive outages at Amazon Web Services‘ N. Virginia Data Center on April 21st, triggering immediate concerns over security of data on the cloud. Within hours, large number of people were already quoting this incident as an example for why you shouldn’t go for a cloud. Hundreds of popular websites including Foursquare, Change.org, fotopedia and Wattpad went down because of multiple failures at Amazon’s N. Virginia Data Center. The services were fully restored only on the 24th of April, making it the longest and most infamous disasters in the short history of cloud computing.
For starters, Amazon’s image was completely aback after this incident. To make matters worse, Amazon refrained from making any statements about the incident even when the whole world was trying to understand what exactly happened.
While, there is no official word yet, according to certain speculations it could be the Chinese hackers (and probably state sponsored) who brought the servers down. In a letter sent to its members, Change.org announced that the site has been a target to cyber attacks coming from China, probably ordered by the Chinese government. Amazon Web Services hosted Change.org now reported, “Change.org is currently experiencing intermittent downtime due to a denial of service attack from China on our web site. It appears the attack is in response to a Change.org petition signed by nearly 100,000 people worldwide, who are standing against the detention of Chinese artist and activist Ai WeiWei. Despite this attack on our members and our platform, we will continue to stand with the supporters of Ai Weiwei to defend free speech and the freedom to organize for people everywhere.”
There is thus a high likely hood that an attack trying to pull down change.org actually brought down the entire N. Virginia data center of Amazon.
Now, before you decide against Cloud as an option to store data, consider this:
While Amazon was constantly trying to update customers on how they can remirror their data or different locations (thought the tips didn’t work in many cases), most customers had more or less recovered from the downtime in 2 days time. Though even two days sound quite a lot, the question is, how many small enterprises have the ability to sustain an attack of this magnitude, which was possibly a state sponsored attack. Those who are criticizing cloud for this disaster, would they have been able to recover in 2-3 days time had this attack happened directly on their infrastructure instead of Amazon Cloud? Was it possible for change.org to partially recover from the attack within hours of impact? If you do some analysis, you’ll get your answer.
How many organisations are ISO 27001 certified? How many organisations have been certified with multiple third party auditors on innumerous parameters? If you analyse all this, you’ll feel that hundreds of organisations that were impacted with the attack didn’t really make a poor decision to go with the cloud. In fact, they were the wisest of the lot. The only flip side of the equation is that they were impacted due to collateral damage as the attacks weren’t targeted at them!
The problem doesn’t lie with the cloud but with how you manage it. Here is a example on how data needs to be managed over the cloud and how you can prevent such disasters from impacting you.