Did you open up a Google doc today? You used the cloud. You did it again when you checked email and Facebook. And when you uploaded that file to Dropbox? You used cloud storage. You can see where this is going. The cloud dominates the modern internet. In fact, global cloud IP traffic will reach 6.5 zettabytes—or a trillion gigabytes—annually by the end of 2018. That’s the equivalent of streaming 234 million years of HD-TV. Everyone from mega-corporations to individual internet users store data in the cloud, both non-sensitive and private—often extremely personal—information.
So what exactly is this mystical floating storage device? No, it’s not a “farting… Monty Python cloud” that “emanates the voice of God,” nor can it “fit inside a cellphone,” as people semi-seriously told the Star Tribune. The cloud has a physical presence: It’s a massive network of multi-functional servers held inwarehouses around the world. Apple’s iCloud warehouse occupies 200 acres; one of Facebook’s two warehouses occupies the square footage of an 81-story building (powered by 950 miles of cable). Whenever you upload a piece of information, it crosses the transom to a tactile location and settles down in servers owned by a range of companies.
Code Spaces contacted the hackers, who demanded an actual ransom in exchange for ceasing their assault.
And just like your home hard drive, the cloud can crash or be violated by people with nefarious intentions.
You might have first been made aware of the cloud’s vulnerability when Apple fell prey to cloud-based hacks into iCloud’s back-up systems, resulting in the release of dozens of celebrity nude photos. But small companies are targets, too—and the attacks on them have significant real-world implications. Code Spaces, a hosting provider that offered project management and development assistance, was forced to go out of business after their cloud system was hacked. First, the hackers initiated a DDoS attack on the site, sending a bandwidth-overwhelming amount of fake traffic to the service that was enough to block legitimate traffic. Code Spaces contacted the hackers, who demanded an actual ransom in exchange for ceasing their assault. When Code Spaces declined to pay, the hackers didn’t simply continue bombarding the company’s service with traffic. They started to delete archived information at random from Code Spaces’s cloud storage, resulting in potential recovery costs that were high enough to compel Code Spaces to cease operations.
The hijacking of Code Spaces’ business operations offers a valuable lesson. If cloud providers aren’t following a protocol of keeping multiple copies of data in multiple locations, all of that information can and likely will be compromised, whether through malicious actions or simple physical fallibility, the kind that comes from water damage or aging components.
Illustrations by Brian Hurst