Technology News

latest updates from easySERVICE™

An ex-employee of a cloud provider was recently convicted of screwing with its servers — could this happen to you?

On April 25, a systems administrator was sentenced to 33 months in prison for intentionally causing damage to a protected computer. Jonathan Hartwell Wolberg of Tucson, Ariz., will end his prison term with 36 months of supervised release for sabotaging his former employer’s cloud computing server.

According to court documents, Wolberg had worked as a systems administrator for “Company A,” a cloud provider headquartered in Virginia. After resigning, Wolberg continued to enter the Company A cloud to damage its servers, its reputation, and its business. This included shutting down “key data servers,” including those supporting hospitals. As a result, Wolberg caused hundreds of thousands of dollars in damage.

This is the kind of story that scares — or is used to scare — IT organizations about the cloud. After all, core to the cloud-client relationship is your trust in the client provider to keep hackers away from the systems carrying your data and running your services.

In this case, Company A fell down on basic security measures: It didn’t change root-level passwords after the departure of an employee who had root-level access to the cloud systems, and it did not conduct security audits for that former employee. Wolberg committed the crime, but Company A made it all too easy for him to do so.

Although stories like this strike fear in the hearts of cloud-using and cloud-considering IT organizations, such tales are few and far between. They’re rare exceptions, fortunately, especially at the major cloud providers.

That said, it’s a good idea to ask your cloud provider a lot of questions, especially if it’s a smaller provider. In some cases, a premigration security audit is in order. The provider should be receptive to such validation requests — an enterprise looking to use its cloud could result in a business relationship that lasts for years.

Source: Associated Press

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: