Home > Fraud, General > Uh Oh … Password Scam! That means Utility Computing Won’t Work!

Uh Oh … Password Scam! That means Utility Computing Won’t Work!

October 8, 2009 Leave a comment Go to comments

I’m being facetious. Let me just point that out from the start.

Earlier this week, a news article came out about Google and Hotmail (amongst others) email account information being posted online. Not exactly the news you want to hear if you are considering a switch to Utility Computing, right? I mean, if ALL your business applications (not just your email) were online, could people really access them this easily? Possibly.

The account information that was posted was obtained through phishing attacks. People who “phish” pretend to be someone else in order to get access to your information. It’s a classic confidence scam, and would be like someone turning up at your office, telling you they were there to fix the computers, and then walking out the door with them. Unfortunately, that sort of thing happens all the time. In other words, there’s really nothing new about phishing, its just a new word (and some new tools) for something that has been going on since the dawn of time.

But here’s the problem – the internet is the great multiplier. Instead of the bad guy turning up at a single office under the guise of being a computer repairman, he can sit at home and send emails to tens of millions of people with just a few clicks. Even if only a fraction of a percent of the people who get the email “fall for it”, the bad guy now has thousands of pieces of data that he can use to commit further fraud. So, instead of hitting 3 offices a day, he can hit millions of people with less effort, and probably less risk. Its the same multiplier that the spam emailers use – even if only 0.001% of people they email actually decide they need a little Viagra, they have been successful. And they have done all this at virtually no cost. The internet has made life easier for all of us – INCLUDING the bad guys.

So – does this mean that Utility Computing applications are unsafe? Well, it depends on whether you would let someone into your office without checking their ID. It depends on whether your colleagues would give out confidential information without being sure of who was getting it. In other words, this COULD happen to you … and that’s why you need to be careful. Follow all the standard security advice – change your passwords regularly, don’t use passwords that are easy to guess, ensure that you are accessing secure sites … and (unfortunately) be less trusting. Technology alone won’t prevent these con-artists from continuing their efforts – threat models can reinvent themselves in less than a month while technology standards can take up to 10 years to catch up.

But to answer the question posed by the title of this post – does this mean that Utility Computing won’t work? No. This is not a reflection on Utility Computing – it is a reflection on the fact that the bad guys can now reach more people than ever before, and we all have to be more careful – and less trusting – than even before.

Categories: Fraud, General Tags: , ,
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Cancel

Connecting to %s

Follow

Get every new post delivered to your Inbox.