The Cloud Again...
Tags: Cloud, Cryptography, Security
Have you read the recent news reports about Microsoft Azure going down across the planet because someone at Microsoft forgot to update the SSL certificate? It was widely reported, for example here, here, here and again here. It's not that I'm picking on Microsoft. After all, remember the Dropbox outage, the Amazon Cloud outage, and several more. And then there is the recent security problem at Evernote...
The main reason for writing this entry however is not to point a finger at any of these providers. It's to show you that The Cloud sometimes stops being there - and the potential for problems can be much worse than the outages mentioned above. I'm talking about a certain thing called "The Smart Grid"...
Ok, so the idea is to have all the Smart Meters communicate over WiFi or RF, providing real-time consumer data to model demand/response, better predict grid fluctuations and optimise pricing - and of course, the metering data itself can be very valuable. This would work together with all the other aspects of the Smart Grid from the power supply to the substations to the actual meter at the home. All this data would be transmitted into The Cloud of course (just Google it)... what could possibly go wrong?
Let's take a few quotes from the articles linked to at the beginning of this article. For example, this one (from The Register):
The storage knockout created a cascading series of failures in other crucial parts of Azure, eventually bringing down Xbox Live components as well.
So, not only did the people storing files on Azure have problems, those people using a seemingly unrelated service had problems as well. The article goes on to state that Microsoft will have to explain to its customers how this crucial security certificate was left to expire, bringing down Azure, with related and unrelated services, worldwide. However, the word that really caught my eye in the sentence I quoted above was "cascading". One failure led to another, which led to another, etc.
Now imagine, if you will, the Smart Grid of the not so distant future. All those systems interconnected on a level of complexity much greater than a corporate network. Where security measures are far from sufficient, such as normal network security tools that are being scaled far beyond their intended use. Where the whole key infrastructure and certificate management process alone is vast compared to any other network out there. Where you have proprietary protocols, non-standards, and in essence a highly heterogeneous mix of hardware and software somehow working together. Where critical timings are measured in single-digit milliseconds and where at several points in the network encrypting the data is not possible because of these timing constraints. Where the typical lifetime of a device is measured in excess of a decade, and it is often impossible to update any firmware running on these devices.
I recently wrote an article about some of these and other security issues; you can find it here (PDF) if you're interested.
Can you imagine what the results would be of a 'cascading error' which does not just prevent you from accessing some of your files and playing Xbox, but turns off the power to your house? Block? Hospital? The amount of damage that can be caused by a distributed denial of service attack against such a system? Think about Stuxnet, Flame, and other malware being able to spread through critical infrastructure. Many SCADA systems currently in use are already vulnerable, since they were never designed to be connected to anything resembling the Internet. Now let's increase the risk by sending all the data into "The Cloud" and doing the control of this network in "The Cloud" as well.
Does that sound like a good idea to you? It doesn't to me... Remember, every time you read "The Cloud" in a sentence, replace it with "on someone else's computer" and re-read the sentence. If you don't get the feeling that there might be some security and privacy issues at that point, you've already turned to the dark side :-)