The folks who run Amazon’s EC2 cloud service must be happy the week is nearly over.
The cloud-based EC2 (Elastic Compute Cloud) was kept jumping this past week by two incidents: a compromised internal service that triggered a botnet, and a data center power failure in Virginia.
Responding to a request for comment, an Amazon representative said Friday: “We take all claims of misuse of the services very seriously and investigate each one. When we find misuse, we take action quickly and shut it down…which we did in this case. Our terms of usage are clear and we continually monitor and work to make sure the services aren’t used for illegal activity. We also take the privacy of our customers very seriously, and don’t inspect their instances. This is part of the reason why legitimate customers of all types are comfortable running production applications on Amazon EC2.”
The representative also added: “It’s also important for developers who leverage cloud services to use the same security best practices that they would if they were operating in their own data center or a collocation facility. We provide security best practices to help customers protect themselves from malicious users inside or outside of the cloud.”
At least one other site hosted on EC2 has also been the victim of cyberattacks. In October, hosting service Bitbucket was knocked offline for a long stretch of time by a distributed denial of service (DDoS), an incident described in detail by The Register.
Updated at 2:25 p.m. PST with a response from Amazon.
It’s an interesting line to walk between privacy of customers and cloud malware.
It should be worth mentioning that in most situations, when code is inactive and data deleted in a cloud environment, there is no viable forensic recovery.