Hackers see the cloud as ripe territory

Survey conducted at last month's Defcon finds that hackers see the cloud as ripe for the taking and don't believe that cloud vendors are doing enough to secure it.

Is the cloud a hacker's paradise? A survey at last month's Defcon hacking conference paints that picture.

Sponsored by security vendor Fortify Software, the survey asked 100 hackers who attended Defcon about security in the cloud. A sizable 96 percent said they believe the cloud opens up more hacking opportunities, while 89 percent said cloud vendors aren't doing enough to address cybersecurity issues.

Among the hackers surveyed, 45 percent said they had already tried to exploit vulnerabilities in the cloud. Although only 12 percent admitted to hacking into cloud systems for the money, that's still a significant percentage to ponder for companies moving to the cloud, according to Fortify. A Gartner study from earlier this year found that by 2012, 20 percent of businesses will own no back-end IT assets of their own, planning instead to store everything all in the cloud.

Drilling down further, 21 percent of those questioned see software as a service (SaaS) cloud systems as the most vulnerable. Among the hackers who'd snooped around the cloud, 33 percent said they found vulnerabilities in the public DNS (Domain Name System), 16 percent have hacked into log files, and 12 percent have been able to check out communications profiles.

"More than anything, this research confirms our ongoing observations that cloud vendors--as well as the IT software industry as a whole--need to redouble their governance and security assurance strategies when developing solutions, whether cloud-based or not, as all IT systems will eventually have to support a cloud resource," Fortify chief products officer Barmak Meftah said in a statement.

Other surveys have likewise found that IT professionals see the cloud as a risky place to house resources.

About the author

Journalist, software trainer, and Web developer Lance Whitney writes columns and reviews for CNET, Computer Shopper, Microsoft TechNet, and other technology sites. His first book, "Windows 8 Five Minutes at a Time," was published by Wiley & Sons in November 2012.


Discuss Hackers see the cloud as ripe territory

Conversation powered by Livefyre

Show Comments Hide Comments
Latest Articles from CNET
The other analog format: Cassette tape decks have never been cheaper to buy