#cloud services

During World War II, French Resistance cells used guerrilla attacks to sabotage transport facilities, the electrical grid and telecommunications against the invading Nazi army. They also created escape networks for soldiers trapped behind enemy lines, published news at a time when it was being actively suppressed and provided intel. Today they are considered to be instrumental to the eventual liberation of the nation by Allied forces, since the information passed between them was critical to planning countermoves.

Why am I bringing up this history? Because while the battlefield and targets have changed, the tactics have not.

On March 11th, the hacktivist entity known as Handala claimed responsibility for executing a cyber attack against the Stryker Corporation, a U.S. based medical technology company. Employees around the world discovered that entire systems and devices had been wiped, often rendered inoperable, and that their login pages had been defaced (which in this context means their company logo had been replaced with one from the attacker). Krebs On Security reports that 200,000 systems, servers and mobile devices have had their data erased, forcing a shutdown of Stryker offices in 79 countries. Bleeping Computer corroborates this statement, adding that 50 terabytes of data were stolen before the wipe occurred. The attack is presumed to have come via Microsoft Intune, a cloud-based solution built for IT teams to enforce security and data compliance policies. Essentially, every device connected with Intune was compromised and wiped through a remote overwrite command.

Handala, which is linked to Iranian intelligence agencies, published a manifesto on Telegram at the time of the breach, stating that the attack was in retaliation for the February 28th air strike and ongoing assaults against the ‘infrastructure of the Axis of Resistance’. The manifesto includes ideological accusations and warns that this is only the first step.

Regardless of how one views the conflict with Iran, this breach highlights something I’ve talked about before: weakened security by way of reliance on a digital monoculture. A single point of contact was all it took to reduce an entire corporation to a standstill. And in turn, there is a downstream effect across a number of medical services, which are disconnecting from Stryker systems to lower the risk of further data loss but will ultimately make their jobs harder to accomplish. This is a supply-chain disruption, and likely the objective of the breach.

Arctic Wolf recommends the enforcement of multi‑admin approval for high impact Intune operations in their article on the subject, which is good advice. However, I think the better advice is to diversify data storage across more than one location, or at least to have hard copy backups that are not stored online in the first place. I have long been wary of cloud storage, and this breach exemplifies why. It is inherently vulnerable as a gateway to vast amounts of data. If the cloud goes down or is attacked, everything contained within it is now compromised. This isn’t the first time a cloud based issue has disrupted business as usual. In October, both Amazon Web Services and Azure Front Door suffered DNS errors that shut down their respective clouds for hours at a time, just a week apart. Entire swathes of the web were interrupted. Even without loss of data, such disruptions are costly. In my report on Azure’s outage, I even referenced a question of imagining what would happen if an outage was created by a malicious attack. Well, here we are.

There is a meme floating around social media which depicts a photograph of a locked case of 3.5 inch floppy discs and the caption ‘information security in the 90’s’. And sure, we can make fun of outdated software. But the response below the meme is one that bears repeating: hard copy data couldn’t be hacked from halfway across the world. It’s something to think about.

Dive into the world of Natural Language Processing on AWS and learn how to build intelligent applications with services like Amazon Comprehend, Transcribe, and Polly. Explore the future of language-driven AI and cloud computing #AWSNLP #AI #CloudComputing

Natural Language Processing (NLP) has emerged as a transformative force in the realm of artificial intelligence, enabling computers to comprehend and generate human-like text. As businesses increasingly recognize the value of language-driven insights and applications, cloud platforms such as Amazon Web Services (AWS) have played a pivotal role in democratizing access to advanced NLP capabilities.…