November 7, 2013
Georgia Tech Warns Of Emerging Cyber Threats To Cloud Data Storage
redOrbit Staff & Wire Reports - Your Universe Online
As more businesses turn to cloud data storage, few engage in security measures beyond those offered by their provider, and even fewer boost data protection due to concerns that usability and access to remote data will be compromised, according to this year’s Georgia Tech Emerging Cyber Threats Report.The report, released Wednesday at the Georgia Tech Cyber Security Summit, reveals a number of security issues involving cloud data storage, mobile ecosystems and the "Internet of Things” – the fast growing number of Internet-capable devices that could create opportunities for remote hacking and data leakage.
“With the Internet’s pervasive reach into business, government, and private life, it is unsurprising that cybercrime and espionage not only continue to evolve, but that new techniques are quickly adopted,” read the report.
Indeed, with everything from home automation to smartphones and other personal devices becoming Internet-connected as they capture increasing amounts of information, opportunities exist like never before for outside parties, businesses and governments to misuse that data, the researchers said.
"With recent revelations of data collection by the federal government, we will continue to see a focus on cloud security,” said report author Wenke Lee, director of the Georgia Tech Information Security Center (GTISC).
Encryption challenges were a focus at this year's summit, which featured some of the nation's top information security experts such as keynote speaker Martin Hellman, professor emeritus at Stanford University and one of the inventors of public key cryptography.
"But encryption in the cloud often impacts data accessibility and processing speed. So we are likely to see increased debate about the tradeoffs between security, functionality and efficiency,” Lee said.
This year’s threat report also addressed the mobile space. Although designers of mobile devices and tablets have developed a robust ecosystem to prevent large-scale device compromises, the report finds the threat of malicious and potentially targeted use remains.
For instance, earlier this year researchers at Georgia Tech reported they had found ways to bypass the vetting process of Apple's App Store, and subsequently showed how malicious USB chargers could be used to infect Apple iOS devices.
The report also describes the high costs of defending against cyber attacks, noting that despite slow economic growth, IT security budgets will climb five to ten percent this year. Surveys over the past year have also found one-half to two-thirds of IT security professionals expect budgets to increase in the coming year, the researchers said.
“Chasing technology and creating multiple layers of static defenses has driven up security costs,” read the report.
Bo Rotoloni, director of Georgia Tech’s Cyber Technology and Information Security Laboratory (CTISL) and co-author of the report, said protecting data would remain a challenge for the indefinite future.
"No matter how successful we have been, black hat operatives will continue to attack infrastructure at every angle possible, making cyber security a global issue for years to come,” he said.
"We must remain vigilant. The purpose of this Summit and Report is to raise awareness, create educational opportunities and maintain an ongoing dialogue among industry, academia and government."