Hijacking, Cloud Security and Data Loss - Literature review Example

January 15, Hijacking, Cloud security and Data Loss Introduction to Cloud Computing. Cloud computing (or simply called the cloud) is grounded on saving one’s data in a remote server (Hill et al., 2012). Cloud computing entails the collection of several services, using layered cloud computing structures (Borko, 2010). Cloud computing includes grid computing and service-based architecture (Sosinsky, 2010). Technically, the term means the process of abstracting web-grounded computers, cell phones, tablets, services, and other related resources offered by several cloud computing sites. The www.iCloud.com cloud computing site offers a free online desktop to the clients. Users can upload and access uploaded pictures, documents, music files. www.dropbox.com cloud computing site offers possible free 18 gigabytes of memory to its users (Blaisdell, 2012). Further, the users of cloud computing can choose between public or private computing types. The public computing type allows anyone to access the data saved in the remote server (Howell, 2012). Under the private type computing, unauthorized persons are not allowed to access the data saved on the remote server. The term cloud equates to being invisible. Cloud computing entails outsourcing data storage to another location, cloud (Shor, 2011).The cloud is user-prioritized, filling the computing needs of the users (Gillam, 2010). The persons using the cloud service do know the hardware or software used by the cloud service providers. Likewise, the cloud service clients do not know where the files are saved, the location of the cloud service providers being “hidden” from the cloud service users. People using internet –capable cell phones, tablets, and computers can save their files in the cloud computing sites. They can then access their files from the cloud server sites from any available computer, tablet, or internet- capable cell phones. Consequently, the users of the cloud computing sites do not need unnecessarily high gigabyte capacity memory cards or drives to save their huge files on their cell phones, tablets, or computers. To ensure high quality cloud computing service, data loss and hijacking must be reduced to allowable levels. Cloud Computing Process Working Cloud computing allows the users to save their files on remote server sites. Using the internet, the cloud computing clients can choose among several cloud computing providers. Picture 1 Cloud Computing In addition, the above picture shows how the basic cloud computing setup works. One cloud computing person can access the same files from the same cloud computing site from a tablet, cell phone or any computer terminal. Some cloud computing sites offer either the free or paid membership its users (Jamsa, 2011). One cloud computing service provider offers the file saving privileges to many clients. The Further, there are several providers of the cloud computing services. One top provider of cloud computing is www.rackspace.com (Searchcloudcomputing, 2012). It is one of the founders of the OpenStack Cloud operating system. The company’s cloud high quality computing services led to its 2011 year’s $ 1.3 billion revenues. The company uses Platform as Service (or PaaS) cloud computing hosting service. Its servers are packed within an estimated 235,000 square feet. The company uses more than 79,000 servers to serve the cloud computing needs of its more than 169,000 worldwide clients. More than 4,000 employees ensure the cloud computing services are in perfect order. General Security Issues Website not accessible The cloud computing website may not be operational at certain times of the day, week or month. The websites are run by companies or individuals. Consequently, the cloud computing websites must keep their database accessible 24 hours a day for the entire week’s seven days time period. When the cloud computing users are not able to access the website, the users may think that the cloud computing websites were hacked. Consequently, the users will feel frustrated. If the website cannot be accessed at the expected time or place, the cloud computing user may not be able to present the required cloud computing data during the schedule meeting, seminar or important event. Phishing There are several security issues cropping in the cloud computing environment (Solomon, 2010). First, phishing may occur. Phishing occurs when one site mimics the real site. A site appears to have the same “face” as the real website. As the victimized cloud computing clients log in to the fake website, the fake website collects the username and password of the cloud computing users. Then, the fake website owners will use the captured user names and passwords to access the real website. After entering the real website the phishing website owners may change the username and passwords of the victimized cloud computing clients. The phishing website owners may retrieve the confidential files or alter the files of the victimized cloud computing users. Hacking Hacking is a real cloud computing issue (Solomon, 2010). While accessing the cloud computing websites, the users may use an unfamiliar or new computer terminal. Consequently, the unfamiliar or new computer terminal may contain a hacking virus. The virus records and sends to the hackers the username and passwords of the cloud computing users. Similarly, the hackers will use the captured username and password to access the victimized cloud computing users’ cloud files. Hijacking Hijacking occurs when an authorized person takes forced control over a website (Vacca, 2012). There are several ways to hijack a website. One is by using hijacking software. Another is to seek inside information. One or more of the employees of the cloud computing website may help the hijackers access and take full or partial control of the cloud computing website. Data Loss In addition, data loss may occur. The use of CCTV and security guards to keep unauthorized persons from entering the cloud computing companies’ building premises will avoid unauthorized deletion of cloud users’ confidential files (Schwabach, 2014). When the website is hacked, the hackers may change or delete some or all of the accessed files. When the files are deleted, the data files are forever lost. This happened in the recent Sony Pictures hacking incident. The hackers deleted several original movie data files from Hollywood’s Sony Pictures Entertainment movie databases. The attack was suspected to be in retaliation of the release of the movie The Interview. The movie shows how the current Korean President is assassinated. There are many other speculations as for the illegal access and deletion of the Sony Pictures movie files (Lee, 2014). The same may occur with cloud computing websites. Two main issues: A) Data loss There are several reasons why data loss may occur within the confidential cloud computing files. Humans are prone to errors. Data loss may occur when the drives containing the files are damaged (Stera et al, 2010). Poor website maintenance may lead to avoidable data loss (Melissa, 2014). Errors are unintentional in nature. Data loss may occur when the computer hardware malfunctions due to overheating and other physical inconveniences on the hardware (Zhang, 2006). The erroneous person does not have any illegal purpose. Errors can be reduced by requiring the respective individuals and groups to be very careful. Being careful means the cloud computing website programmers and website administrators ensure the utmost accuracy in the management of the website programs. The website administrators must have a quality assurance person (a supervisor) to monitor and ensure the website programmers avoid unnecessary errors. Further, hackers may alter, delete, or add files to original files of the cloud computing users (Salomon, 2010). In terms of data loss, the same hacking incident that occurred with the Sony hacking site may occur in the cloud computing sites, www.googlel.com, www.yahoo.com, www.facebook.com, and other popular websites. Consequently, the hackers may delete or change some of the files of the hacked cloud computing sites. If the users of the cloud computing sites do not have other copies their files saved in another location such as a hard disk or another cloud computing website, the deleted or changed data files will forever be lost in the cyberspace world. Furthermore, technicalities may lead to cloud computing file data loss (Vacca, 2012). A possible change of the cloud computing programming codes may lead to data loss. A greenhorn cloud website programmer hired by the cloud computing website may accidentally change some of the programming lines. Consequently, the change may lead to the unintentional deletion of some or many of the cloud computing users’ highly confidential files. Moreover, a computer virus may infiltrate the cloud computing website’s territory (Jamsa, 2011). When this happens, the computer virus may change some or all of the cloud computing website data. Another computer virus may change the programming of the cloud computing sites. The new unauthorized programming may cause the same altering or deletion of the cloud computing users’ very important files, pictures, videos, and other important documents. By instituting the strongest and best anti-virus programs, the intruding virus programs cannot access the cloud computing websites (Jamsa, 2011). Consequently, the constantly updated antivirus programs will ensure the data files of the cloud computing users are kept safe, secure, complete and accurate. The constantly updated antivirus programs will keep abreast of the latest created and revised viruses. Keeping the anti-phishing software updated will ensure the phishing attackers cannot imitate the real cloud computing websites. Consequently, phishing attackers cannot steal the cloud computing users’ usernames and passwords. Clearly, data loss is prevented by eliminating hacking and virus attacks. By hiring the best qualified programmer, the cloud computing websites will reduce possible changes in the websites’ programs (Jamsa, 2011). Consequently, data loss is avoided. By requiring the website administrator to oversee the neophyte programmer, programming errors are immediately corrected. The immediate correction of wrong programs will eliminate avoidable data loss. B) Hijacking Hijacking occurs when the website attacker takes control of the website. When the hijacker attacks, it intercepts the messages between the cloud computing website or any website and the users of the website. Consequently, the cloud computing user is removed from the cloud computing sessions. Consequently, the hijacking source communicates with the cloud computing website. The attacker replaces the intercepted packets with corrupted or hijack packets. This is classified as TCP/IP computer attack type hijacking. This often occurs when there is no security preventing the computer hijacking interferences. The attacks also occur when timeouts crop up. The attackers’ unauthorized changing of the cookies that connect the cloud computing users and the website servers makes the computer hijacking successful (Vacca, 2012). Further, there is a real danger that the cloud computing hijackers may access the files of the cloud computing users (Borko, 2010). As hijack owners of the cloud computing servers, the cloud computing site hijackers can easily access the files of their clients. When this happens, the cloud computing clients are not aware that their data had been compromised. The hijackers may use the clients’ accessed files to retrieve confidential data, passwords and usernames of other websites, including other competing cloud competing sites. Furthermore, there is a high probability that some scrupulous cloud computing site hijackers may prevent the users from accessing their files (Vacca, 2012). The hijackers may change the usernames and/ or passwords of the cloud computing users. In the same manner, the cloud computing site hijackers may use technicalities and other jargon to inform the victimized cloud computing clients that they can no longer access their access to their files. One of the cloud computing hijackers’ possible reason almost convincing reasons is for security purposes, as when one person reports that the username and passwords were recently hacked. Normally, a hacker steals the username and password of the real cloud computing users, the hackers may report that the real owners of the files are the hackers. Consequently, the real cloud computing site administrators will block the real owners from accessing the cloud computing files. Moreover, there are several reasons why cloud computing hijackers want access to the confidential cloud computing files (Atilla, 2013). One of the reasons is for profit. The hijackers may access the cloud users’ credit card information. Consequently, the hijackers can use the stolen credit card information to pay for food, clothes, groceries, jewelries, and other luxurious items for free. Another reason is to gain additional information. For example, the hijackers may know where one cloud user victim hid his gold, money and other precious gems. The cloud computing user may indicate in one of the uploaded cloud computing files the location of his or her hidden treasure chest of jewels, gold, and other high value properties. Current Solutions Different parties, especially the cloud computing programmers and administrators, must contribute to the resolving the above issues. There are several solutions to stop the unauthorized hijacking of the cloud computing environment. One solution includes the installation of the SCADA security program significantly helps. The SCADA program must include Cryptographic Protection process. The program incorporates encryption security strategies. Next, the program sends to Message Authentication process Code or MAC to ensure hijacking did not occur. The same program uses hypertext messages in the encryption and decryption of transmitted cloud computing data. When the other hardware receives data, the information is authenticated to determine if hijacking had not altered or deleted some of the transmitted data (Karim et al., 2007). Encryption reduces the success of the hijacking attacks. The use of Authentic Data bits helped determine whether the received data is not hijacked or corrupted. The bits affirm whether the server authenticates the transferred encrypted and decrypted data (Atilla, 2013). Further, other remedies are likewise effective. Encrypted protocols will reduce hijacking and data loss incidents. The POP3 is not a secure protocol. The IMAP is likewise not a secure protocol. On the other hand, the POP3 used over TLS is a recommended secure protocol. Another strong secure protocol is the HTMLS, SSL protocol. A similarly strong anti-hijacking and data loss protocol is the popular SMTP place over TLS protocol. Further, the insecure Telnet protocol must be replaced with the better performing Secure Socket type Layer (SSL) protocol and SSH protocol. SSH and TLS protocol types use both a private key and a public key to ensure integrity and security of transferred encrypted computer data (Basta, 2013). Several solutions will stop data loss. The computer hardware must be defragged. A defragged hardware will increase data retrieval and transfer speed. The defrag process reduces or eliminates possible data loss (Success, 2006). The installation of the fault-tolerating systems will reduce the probability of data loss. In addition, external drives are used to backup important data as protection from any data loss (Bajgoric, 2008). Saving the same file on two different cloud computing sites prevents data loss (Frazier, 2013). The use of node redundancy sensors will detect data loss (Khaled, 2012). Conclusion Based on the above discussion, cloud computing entails saving and retrieving files from the cloud computing server sites. The cloud computing clients use their cell phones, tablets, and computers to access and upload data in the cloud computing sites. Data loss may occur during the transfer and retrieval of information into the Cloud computing server sites. Likewise, computer hijacking may cause security threats on the cloud computing clients’ confidential data. Anti-hijacking software will reduce the possibilities of hijacking and data loss. Similarly, high quality maintenance of the cloud computing hard drives as well as the use of backup drives will ensure data loss is avoided or reduced. Evidently, all concerned parties must contribute to the reduction of data loss and hijacking to allowable levels to ensure high quality cloud computing services continually prevail. References: Atilla, E., 2013. Theory and Practice of Cryptography. London: IGI Global Press. Bajgoric, N., 2008. Continuous Computing Technologies. London: IGI Global Press. Basta, A., 2013. Computer Security and Penetration Test. London: Cengage Learning Press. Blaisdell, R., 2012. Cloud Computing. Retrieved January 14, 2015, from < https://www.rickscloud.com/6-cloud-computing-free-services-in-vogue/ > Borko, F., 2010. Handbook of Cloud Computing. London: Springer Press. Frazier, S., 2013. Marketing Strategies for the Home-based Business. London: Rowman & Littlefield Press. Gillam, L., 2010. Cloud Computing . London: Springer Press. Hill et al., 2012. Guide to Cloud Computing. London: Springer Press. Howell, D., 2012. Cloud Computing. London: Easy Steps Press. Jamsa, K., 2011. Cloud Computing. London: Jones & Bartlett Press. Karim et al., 2007. Advances in Computerf, Information, and Systems Sciences. London: Springer Press. Khaled, E., 2012. Innovations and Advances in Computer Information Systems. London: Springer Press. Lee, T., 2014. The Sony Hack: How It Happened, Who is Responsible, and What Weve Learned. Vox , p. 1. Melissa, H., 2014. Best Pratices in Computer Network Defense. London: IOS Press. Salomon, D., 2010. Elements of Computer Security. London: Springer Press. Schwabach, A., 2014. Internet and the Law. London: ABC CLIO Press. Search Cloud Computing., 2012.Top 10 Computing Providers. Retrieved January 14, 2015, from < http://searchcloudcomputing.techtarget.com/photostory/2240149048/Top-10-cloud- providers-of-2012/10/2-Rackspace#contentCompress > Shor, R., 2011. Cloud Computing for Learning. New York: American Society for Training and Devt . Sosinsky, B., 2010. Cloud Computing Bible. London: J. Wiley & Sons Press. Steraetal., 2010. Computer Networks. London: Springer Press. Success, W., 2006. Keep Your PC Safe from Virus and Data Loss. New York: Smart Books. Vacca, J., 2012. Computer and Information Security Handbook. London: Newnes Press. Zhang, X., 2006. Tape Storage Solutions: Meeting Growing Data Demands . Minneapolis: University of Minnesota Press. Read More