Information Warfare: Hiding Behind The Cloud

Archives

December 8, 2011: The U.S. NSA (National Security Agency) and Department of Defense are planning on increasing their Internet defenses by putting more of their computer operations in a cloud system, and spending a lot more on protecting the cloud from attacks. Cloud computing is a system where data and software are supplied to PCs or laptops via a network connection from a large and well-protected number of servers (PCs customized to provide information on the Internet). Usually, it's via the Internet, but it can be a local, closed (to the Internet) system as well. The main point here is that you can devote all your security resources to the collection of computers that run the cloud. You don't have to worry so much about the users' PCs or laptops, because time they use the cloud, their software (word processor, spreadsheet, whatever) and data is loaded from the cloud. When they save data to the cloud, it is checked for malware (viruses, worms and other stuff hackers use to infect and take control of your computer.)

NSA began, after World War II, as a communications security organization, dedicated largely to creating ciphers to protect American communications, and decoding the ciphers other nations use. Now, the NSA is in the lead developing better network security for the Department of Defense and all American computer networks.

Currently the NSA and Department of Defense have over seven million computers, printers and other devices connected to 15,000 networks (most of them local) and many of these are also connected to the Internet. The military cannot compete with civilian (especially financial) firms for the best network security people, and as a result are more vulnerable than any other large organization. The U.S. Department of Defense is the largest organization on the planet, and a major target for hackers. By shifting to a cloud-based Internet security system, it should make it harder for enemy intruders to get in.

A cloud based system is, in theory, more secure from attack. But in practice, it remains uncertain how much more secure, if at all the cloud is. What is certain is that the current system of trying to protect individual PCs or local networks is not working out too well.