Holding everything from highly personal medical and social media material to confidential financial and corporate documents, Internet-based cloud services are gathering an enormous trove of information -- already a quarter of the world's business data -- that is proving a powerful lure for hackers.
One notable example was the February 2011 breach at Nasdaq's Directors Desk, which maintains records for thousands of corporations. Nasdaq has said little about what happened. But the case reportedly has prompted several federal investigations and sparked speculation that the culprits could have spied on secret communications of company board members.
Coupled with more recent breaches at Web Marketer Epsilon, LinkedIn and Twitter -- along with surveys showing such attacks alarmingly common among businesses -- many experts say too little is being done to prevent cyber crooks from pilfering credit card numbers, trade secrets and other sensitive data on the cloud.
"It's scary," said Eric Chiu, co-founder and president of Mountain View, Calif., security company HyTrust. If a hacker gets access to that information, he said, "they've got the keys to your kingdom. They can make copies of everything you have, and they can potentially destroy your data center."
Although definitions of cloud computing vary, it usually involves a shared service that lets customers access their data using Internet-based software or servers. Cloud storage can cut a company's costs, and make it easy to retrieve information from nearly anywhere via the Internet.
The cloud is used to send email, print from mobile devices, exchange medical information, share on social networks and much more. Just among cloud document-storage services, such as Dropbox and Google Drive, the number of subscribers will double from 625 million this year to 1.3 billion in 2017, according to market researcher IHS.
Corporations have been among the biggest adopters. Research firm Gartner has predicted that the worldwide revenue from public clouds, a popular kind shared by multiple customers, will soar from $91.4 billion in 2011 to $206.6 billion in 2016.
Yet the trend poses risks. Symantec in January reported that 43 percent of the 3,236 businesses it queried had "lost data in the cloud," although it didn't ask how much was due to cyber attacks.
Those companies weren't alone. Of nearly 500 information-technology professionals Intel recently surveyed, 46 percent said their firms had suffered a security breach -- meaning their data was lost or accessed by unauthorized means -- on two popular types of clouds. And most of the victims said they were experiencing more breaches than when they had kept the data on their own networks. (continued...)
© 2013 San Jose Mercury News under contract with MarketWatch. All rights reserved.