Amazon’s EC2 blasted by botnet
Multiple problems (an internal service gone awry and a botnet attack) have troubled Amazon’s cloud-based EC2 (Elastic Compute Cloud) service over the past week, leading to a raft of user problems.
Amazon Elastic Compute Cloud (also known as “EC2”) allows users to rent computers on which to run their own computer applications. EC2 allows scalable deployment of applications by providing a Web service through which a user can boot an Amazon Machine Image to create a virtual machine instance containing any software desired. A user can create, launch, and terminate server instances as needed, paying by the hour for active servers, hence the term “elastic.” Such cloud services have become quite popular, with EC2 one of the best known.
On Wednesday of last week, security researchers for CA found that a new variant of the rightfully infamous Zeus banking Trojan, a password stealer, had infected client computers after hackers were able to compromise a site on EC2 and take it over as their own C&C (command and control) operation. Mayhem ensued, according to a CNET article. This particular bot is a key-logger that is quite adept at stealing banking information, according to CA. The cyber-crooks that perpetrated the break-in apparently snuck their way into EC2 by gaining access through a site hosted on Amazon’s service. Amazon provided the following response to the situation:
We take all claims of misuse of the services very seriously and investigate each one. When we find misuse, we take action quickly and shut it down…which we did in this case. Our terms of usage are clear and we continually monitor and work to make sure the services aren’t used for illegal activity. We also take the privacy of our customers very seriously, and don’t inspect their instances. This is part of the reason why legitimate customers of all types are comfortable running production applications on Amazon EC2.
It’s also important for developers who leverage cloud services to use the same security best practices that they would if they were operating in their own data center or a collocation facility. We provide security best practices to help customers protect themselves from malicious users inside or outside of the cloud.
The service also suffered a power outage, and thus a service outage, at a server facility in Virginia. All in all, it has not been a good week for EC2, and thus not for cloud computing in general. Every time something like this happens, it calls further into question the use of the cloud for data storage and application processing. It is a concept whose time needs to come ASAP, but also one for which our current levels of internet security do not yet seem to be ready.