Home » Opinion » US’s secretive utility is Amazon Web Services

US’s secretive utility is Amazon Web Services

Amazon.com Inc’s ubiquitous cloud-computing network, the spine for a lot of digital communications and transactions across the US, went dark for several hours.
The cloud has provided bounteous advantages but also excess — a cornucopia of nice-to-haves, much of it silly. Even comparisons don’t truly surface the most substantive threats to consider when digital meltdowns or significant hacks occur on vital private networks such as Amazon Web Services. AWS is the biggest cloud provider in the US, but outages happen with some regularity at other leading cloud services, too. Alphabet Inc’s Google Cloud Platform has had its share of woes, as has Microsoft Corp’s Azure service.
These cloud networks not only power the consumer indulgences that people whine about when there’s an outage, they also fuel core government and corporate work such as national security and blockbuster financial transactions. Alphabet, Amazon, Microsoft and Oracle Corp. are all jockeying to secure an important cloud contact with the Defense Department, for example.
Yet some of these same cloud services have been central to startling and sprawling nation-state hacks over the last year involving, for example, the SolarWinds Corp Based on the limited information Amazon disclosed on its “service health dashboard” about its outage, hackers or a denial-of-service attack were not responsible.
Amazon cited a “network device issue” and said the outage was largely confined to the East Coast. That’s about as much as we know because that’s all that Amazon decided to share. That lack of transparency and disclosure is a big problem, one that Amazon has shown little interest in resolving.
Widespread use of cloud computing is here to stay, and its benefits far outweigh its disadvantages. But Amazon’s secrecy — and its unwillingness to provide greater insight into its operations — is emblematic of how much unnecessary autonomy it enjoys. Amazon doesn’t have to operate this way.
Consider Microsoft. It has been willing to share information publicly about intrusions or breakdowns so it can help form public-private alliances to insulate computer networks. It has also taken the bold step of identifying countries such as North Korea, Russia and China for their roles in orchestrating digital assaults. Amazon, on the other hand, declined to testify at congressional hearings about the SolarWinds breach, even though hackers used Amazon’s cloud servers to stage digital assaults.
Regulators shouldn’t continue allowing it to stay mum, but Washington may lack the backbone needed to be more aggressive. A defense bill moving through Congress recently shed provisions that would have required companies to report cyberattacks and ransomware payments to the federal government.


Leave a Reply

Your email address will not be published. Required fields are marked *

Send this to a friend