2010: Dawn Of National Cyber Wars, says Citrix CTO

Citrix CTO Simon Crosby looks back at 2010 in the cloud computing sector – and ahead at what 2011 may bring – and is not very comfortable with a number of things emerging on the security side of that very hot business.

Crosby has become a go-to resource for knowledge in virtualisation, cloud computing and data security. He was founder and CTO of XenSource prior to its acquisition by Citrix for $500 million in 2007. Previously, Simon was a principal engineer at Intel, where he led strategic research in distributed autonomic computing, platform security and trust.

Every CIO Should Be Shivering In A State Of Panic

It is Crosby’s job as the CTO of an international enterprise IT provider to maintain a big-picture view of what the trends are, where they are going, and how they will affect companies making strategic IT plans.

It is not necessarily cloud infrastructure issues that worry Crosby. It is protection of stored data and access to servers that keeps him up at night.

“This was the year when nation-state attacks started to happen,” Crosby said. “You’ve got Stuxnet, you’ve got the Chinese government attack on Google, and you’ve got WikiLeaks. My take is that every CIO should be shivering in a state of panic.”

Everybody’s long been aware of denial of service attacks and their potential, but Crosby thinks many people have become indifferent to these events, believing such an attack will not happen to them.

“All of these have profound lessons for us,” Crosby told eWEEK. “We’re in a space of hyper-innovation and that’s fuelled by Moore’s Law on the client and the server, and Moore’s Law helping the network, so we get the network effect of that – and the network effect of that innovation is unbelievable.”

World’s largest cloud: Conficker

“If you look at the world’s largest cloud, it’s probably something called Conficker. It has probably 30 million CPUs. It requires something like 20 terabits of bandwidth, and it’s for hire. You can hire it today, and point it at anything you want,” Crosby said.

“Think cloud now. Every single one of those hosts up there that are infected with Conficker – and there are still millions and millions of them – are all out there, and they can be remotely controlled and instructed to do something,” he warned. “It’s similar to the way the anonymous guys at WikiLeaks have been getting people to download and attack payload, and then they can remotely point that attack payload at any site they want to attack.”

For example, anonymous hackers have been able to put together an attack of 10GB per second and point it at Visa, PayPal, Amazon and a couple of other places to shut them down for various times, Crosby said.

“Conficker is still out there – and that’s 28 terabits per second. If that thing was pointed at any US national interest, or any national interest, it would go down in a heartbeat,” Crosby said.

So why has this not happened yet, if there are people in the world devious and knowledgeable enough to activate this dangerous weapon?

“Well, it hasn’t yet for the same reason that nobody has launched an atomic bomb – it’s that big, right?” Crosby said. “It turns out that most of the Conficker stuff is relatively straightforward – denial of service and blackmail stuff in the hands of organised crime.

“But the scary thing is that this was the year [2010] that nation-states started to engage in cyber war actively – and everybody saw it for the first time.”

Page: 1 2

Chris Preimesberger

Editor of eWEEK and repository of knowledge on storage, amongst other things

Recent Posts

Craig Wright Sentenced For Contempt Of Court

Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…

2 days ago

El Salvador To Sell Or Discontinue Bitcoin Wallet, After IMF Deal

Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…

2 days ago

UK’s ICO Labels Google ‘Irresponsible’ For Tracking Change

Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…

2 days ago

EU Publishes iOS Interoperability Plans

European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…

3 days ago

Momeni Convicted In Bob Lee Murder

San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…

3 days ago