Logging In...
Profile cancel
Recent Posts
- Service Outage
- A Lesson in Cloud
- In Case of Fire…
- Replicate Me!
- Season’s Greeting from AppliedUsers!
Calendar
| M | T | W | T | F | S | S |
|---|---|---|---|---|---|---|
| « Feb | ||||||
| 1 | 2 | 3 | 4 | 5 | ||
| 6 | 7 | 8 | 9 | 10 | 11 | 12 |
| 13 | 14 | 15 | 16 | 17 | 18 | 19 |
| 20 | 21 | 22 | 23 | 24 | 25 | 26 |
| 27 | 28 | 29 | 30 | 31 | ||
Blogroll
Meta
Tags
0 day
0day
antivirus
application error
application whitelisting
Applied
Applied Systems
appliedusers
archiving
ASCnet
backup
bit9
botnets
clntfile.exe
command line
coretrace
disaster planning
exploit
Firefox
forums
Google
Google China
IE
internet
IPv4
IPv6
lnk exploit
malware
Mariposa
Microsoft
networking
network security
Opera
savantprotection
Security
SEO
Sophos
tape drives
tips
tricks
Waledac
web design
web sites
Windows
WinTAM
A Lesson in Cloud
A recent Threatpost article http://threatpost.com/en_us/a3t where Greg Hoglund comes pretty close to ranting about the actions of Anon and that they did not "hack" HBGary - they just weaseled their way into the HBGary Google account - does illuminate some of the issues with using Cloud services.
You see, Greg tried to do some damage control upon discovering some level of intrusion was underway, but had to go through a Google call center in India where he got no love. In the article Hoglund has a few pointers of his own, but I would advise doing your research and consider what all the possibilities are.
If this had been a physical server in an accessible location, a sysadmin could isolate the affected system, remove it from the network, image the drive for forensic purposes and start the incident response machine.
I remain ambivalent about the cloud - it's not all lollypops and candy canes.