Abstract
While hype around the benefits of ‘cloud computing’increase, challenges in maintaining data security and data privacy have also been recognised as significant vulnerabilities (Ristenpart et al. in Proceedings of the 14th ACM conference on computer and communications security, pp 103–115, 2009; Pearson in CLOUD’09, pp 44–52, 2009; Vouk in J Comput Inf Technol 4:235–246, 2008). These vulnerabilities generate a range of questions relating to the capacity of organisations relying on cloud solutions to effectively manage risk. This has become particularly the case as the threats faced by organisations have moved increasingly away from indiscriminate malware to more targeted cyber-attack tools. From forensic computing perspective it has also been recognised that ‘cloud solutions’ pose additional challenges for forensic computing specialists including discoverability and chain of evidence (Ruan et al. in Adv Digital Forensics VII:35–46, 2011; Reilly et al. in Int J Multimedia Image Process 1:26–34, 2011). However, to date there has been little consideration of how the differences between indiscriminate malware and targeted cyber-attack tools further problematize the capacity of organisations to manage risk. This paper also considers these risks and differentiates between technical, legal and ethical dilemmas posed. The paper also highlights the need for organisations to be aware of these issues when deciding to move to cloud solutions.
Similar content being viewed by others
Notes
Preferred Australian spelling of cyber-attack is used through this paper.
It is worth noting, that in some jurisdictions, even ownership of such tools can be considered illegal. This can subsequently be detrimental for development of defences against these tools, i.e. antivirus industry.
References
Ristenpart, T., Tromert, E., Shacham, H., Savage, S.: Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, pp. 103–115. ACM, New York (2009)
Pearson, S.: Taking account of privacy when designing cloud computing services. In: CLOUD’09, pp. 44–52. IEEE (2009)
Vouk, M.A.: Cloud computing: issues, research and implementations. J. Comput. Inf. Technol. 4, 235–246 (2008)
Ruan, K., Carthy, J., Kechadi, T., Crosbie, M.: Cloud forensics: an overview. Adv. Digital Forensics VII, 35–46 (2011)
Reilly, D., Wren, C., Berry, T.: Cloud computing: Pros and Cons for computer forensic investigations. Int. J. Multimedia Image Process. 1, 26–34 (2011)
Foster, I., Yong, Z., Raicu, I., Lu, S.: Cloud computing and grid computing 360-degree compared. In: Grid Computing Environments Workshop, 2008, GCE ’08, pp. 1–10 (2008)
Mell, P., Grance, T.: The NIST definition of cloud computing. Commun. ACM 53, 50–50 (2010)
Mell, P., Grance, T.: The NIST definition of cloud computing. In: Commerce, U.S.D.o. (ed.) National Institute of Standards and Technology, Gaithersburg, MD (2011)
Dahbur, K., Mohammad, B., Tarakji, A.B.: A survey of risks, threats and vulnerabilities in cloud computing. In: Proceedings of the 2011 International Conference on Intelligent Semantic Web-Services and Applications, pp. 1–6. ACM, Amman, Jordan (2011)
http://www.nautilus.org/info-policy/workshop/papers/denning.html
Information Security magazine: http://www.cs.georgetown.edu/~denning/infosec/disarming-blackhats.html
Gordon, S., Ford, R.: Cyberterrorism? Comput. Security 21, 636–647 (2002)
Gordon, S., Ford, R.: On the definition and classification of cybercrime. J. Comput. Virol. 2, 13–20 (2006)
Broucek, V., Turner, P.: Forensic computing: developing a conceptual approach in the era of information warfare. J. Inf. Warfare 1, 95–108 (2001)
Linkoping University: http://www.ida.liu.se/~guniv/Infowar/
Warren, M., Hutchinson, W.: Information warfare and hacking. In: Armstrong, H. (ed.) 5th Australian Security Research Symposium, pp. 195–206. Edith Cowan University, Perth (2001)
Gordon, S., Ford, R.: Computer crime revisited: the evolution of definition and classification. In: Turner, P., Broucek, V. (eds.) Proceedings of the 15th Annual EICAR Conference “Security in the Mobile and Networked World”, pp. 48–59. EICAR, Hamburg (2006)
Denning, D.E.: Information Warfare and Security. Addison-Wesley Longman Ltd, Essex (1999)
Kulish, N.: Germans condemn police use of spyware. New York Times, pp. A.5–A.5, New York (2011)
McCullagh, A., Broache, A.: Will security firms detect police spyware? CNET News. CBC Interactive (2007)
Bodenheimer, D.Z.: Cyberwarfare in the Stuxnet age. Can Cannonball law keep pace with the digital battlefield? The SciTech Lawyer 8 (2012)
Fahs, R.: Position Paper: The Future of AV Testing. EICAR (2010)
Wolfe, J.: Bona fide researcher? In: Gattiker, U.E. (ed.) EICAR Conference Best Paper Proceedings. EICAR, Copenhagen (2003)
Owens, W.A., Dam, K.W., Lin, H.S. (eds.): Technology, Policy, Law, and Ethics Regarding U.S. Acquisition and Use of Cyberattack Capabilities. The National Academies Press, New York (2009)
Langner, R.: Stuxnet: dissecting a cyberwarfare weapon. Security Privacy IEEE 9, 49–51 (2011)
Masters, G.: Life after Stuxnet. SC Mag. 22, 29–31 (2011)
Chen, T.M., Abu-Nimeh, S.: Lessons from Stuxnet. Computer 44, 91–93 (2011)
Vaquero, L.M., Rodero-Merino, L., Caceres, J., Lindner, M.: A break in the clouds: towards a cloud definition. ACM SIGCOMM Comput. Commun. Rev. 39, 50–55 (2009)
Help Net Security: http://www.net-security.org/secworld.php?id=11513
Higgins, K.J.: Apache issues workarounds for ‘Killer’ attack. Informationweek (2011)
Desnos, A., Erra, R., Filiol, E.: Processor-dependent malware... and codes. eprint arXiv:1011.1638 (2010)
National Cybersecurity and Communications Integration Center: Assessment of Anonymous Threat to ontrol Systems. US Department of Homeland, Security (2011)
Rashid, F.Y.: DHS warns of anonymous cyber-attack tools, planned mass protests. eWeek.com. Ziff Davis Enterprise Inc (2011)
Cawley, C.: Federal Communications Commission Assistance for Online Attacks. Bright Hub Inc (2011)
Symantec Connect: http://www.symantec.com/connect/blogs/targeted-attacks-against-small-and-medium-businesses-during-2011
Symantec Connect: http://www.symantec.com/connect/blogs/targeted-attacks-and-smbs
Prince, B.: Behind the government’s rules of cyber war. Security Week. Wired Business Media (2011)
Wilson, C.: Botnets, cybercrime, and cyberterrorism: vulnerabilities and policy issues for congress. In: Foreign Affairs, Defense, and Trade Division (eds.) Congressional Research Services (2008)
U.S. Department of Justice: http://www.fbi.gov/news/stories/2011/november/malware_110911
Broucek, V.: “Forensic Computing: Exploring Paradoxes”: an investigation into challenges of digital evidence and implications for emerging responses to criminal, illegal and inappropriate on-line behaviours. School of Computing and Information Systems, vol. PhD. University of Tasmania, Hobart (2009)
Broucek, V., Turner, P.: Considerations for e-forensics: insights into implications of uncoordinated technical, organisational and legal responses to illegal or inappropriate on-line behaviours. Int. Sci. J. Comput. 4, 17–25 (2005)
Broucek, V., Turner, P.: Winning the battles, losing the war? Rethinking methodology for forensic computing research. J. Comput. Virol. 2, 3–12 (2006)
Broucek, V., Turner, P., Frings, S.: Music piracy, universities and the Australian Federal Court: issues for forensic computing specialists. Comput. Law Security Rep. 21, 30–37 (2005)
Brungs, A., Jamieson, R.: Identification of legal issues for computer forensics. Inf. Syst. Manag. 22, 57–66 (2005)
Hannan, M., Frings, S., Broucek, V., Turner, P.: Forensic computing theory& practice: towards developing a methodology for a standardised approach to computer misuse. In: Kinght, S.-A. (ed.) 1st Australian Computer. Network & Information Forensics Conference, Perth, WA, Australia (2003)
Hannan, M., Turner, P.: The last mile: applying traditional methods for perpetrator identification in forensic computing investigations. In: 3rd European Conference on Information Warfare and Security (2004)
Hannan, M., Turner, P., Broucek, V.: Refining the taxonomy of forensic computing in the era of E-crime: insights from a survey of Australian Forensic Computing Investigation (FCI) Teams. In: 4th Australian Information Warfare and IT Security Conference, pp. 151–158, Adelaide, SA, Australia (2003)
Reith, M., Carr, C., Gunsch, G.: An examination of digital forensic models. Int. J. Digital Evidence 1 (2002)
Cornall, R., Black, R.: 2011 Independent Review of the Intelligence Community Report. Commonwealth of Australia, Canberra (2011)
Department of Defense: Department of Defense Cyberspace Policy Report: A Report to Congress Pursuant to the National Defense Authorization Act for Fiscal Year 2011, Section 934. Department of Defense, United States of America (2011)
Department of Defense: Department of Defense Strategy for Operating in Cyberspace. Department of Defense, United States of America (2011)
Carnabuci, C.: The long arm of the USA Patriot Act: tips for Australian Businesses selecting data service providers. Freshfields Bruckhaus Deringer (2011)
Author information
Authors and Affiliations
Corresponding author
Additional information
This is an extended version of paper that was originally published in proceedings of the 21th Annual EICAR Conference 2012.
Rights and permissions
About this article
Cite this article
Broucek, V., Turner, P. Technical, legal and ethical dilemmas: distinguishing risks arising from malware and cyber-attack tools in the ‘cloud’—a forensic computing perspective. J Comput Virol Hack Tech 9, 27–33 (2013). https://doi.org/10.1007/s11416-012-0173-0
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11416-012-0173-0