FBI Seizes Public Cloud Servers Killing Innocent Applications

In my May 24 blog entry Amazon, Sony, Hackers and the Public Cloud, I described a potential risk to users of public cloud services:

There’s this little thing called the Patriot Act that allows the FBI and others to do just that – walk into Amazon’s data center and remove the machine running the hackers applications – and mine along with them.   And if I have a complex transactional application it’s very likely that I will lose something.

The seal of the FBIJust a couple of weeks later, that risk became reality – though admittedly the incident did not occur at Amazon, but at a data center in Reston, Virginia used by Swiss hosting provider DigitalOne AG.    At 1:15am, the FBI arrived, and seized 62 servers, ripping out their cables and removing them from three separate enclosures.   The effect, accordingto DigitalOne was “massive disruption to our business and functional processes to our clients’ uninvolved servers“.

DigitalOne claim that prior to the seizure, the authorities had requested information on three IP addresses.   DigitalOne precisely identified the three servers using those IP addresses to the FBI agents, but the agents seized a further 59 servers that were present in the same enclosures.   DigitalOne also claim that “various modules and cable connections, and also our company’s backup systems were affected, resulting in massive disruptions to a considerable number of client servers, our e-mail system, and our support system“. Read more of this post

Amazon, Sony, Hackers and the Public Cloud

Public cloud has come in for some intense scrutiny of late.   The recent outage at Amazon took a large number of Web sites down, in fact at Abiquo  it took 5 days for our main download server to come back online.  Fortunately, we had replicated copies and could  simply re-direct our DNS to another host, but others, with much more complex transactional applications, fared less well.   Last month, Sony was forced to shut down its Playstation Network after hackers stole personal details of its 77 million users.   Last Friday it emerged that the hackers had used code running on Amazon EC2 servers to carry out the attack, almost certainly using stolen identities and credit card details to set up their Amazon AWS accounts.

Sony Playstation Amazon AWS HackersShould Amazon be criticized for “allowing” this?   Absolutely not.   As Tom Kellermann, a member of U.S. President Barack Obama’s commission on cyber security, said on Bloomberg TV “it’s kind of like blaming Con Edison because they used their electricity”.   Amazon itself cannot reasonably be critisized here – the attack could have been carried out from anywhere using hosted servers, or from the hacker’s garage.   Using a hosted service like Amazon (or one of many others) just makes it harder to trace.

The issue here is not what the hackers did per se, but how it affects other public cloud users and potential users.     While adoption of services like Amazon among smaller companies has certainly been extensive (including by my own company), enterprises have been somewhat more cautious.   Of course there are exceptions.   After remarks I made when called by a Bloomberg journalist were selectively reported over ther weekend, I came in for some flak on Twitter, not least from Adrian Cockcroft of Netflix (Twitter @adrianco), who’s entire business runs on Amazon.   But while great new Internet companies like Netflix not only work, but clearly thrive in the public cloud, they are, with all respect to Adrian, relatively isolated examples. Read more of this post


Get every new post delivered to your Inbox.