In March 2018, Atlanta city agencies were infected with the SamSam ransomware virus. The incident knocked out many operations across the city government for weeks, including municipal court scheduling, online bill payments, and the public Wi-Fi network at Hartsfield-Jackson Atlanta International Airport, the world’s busiest. The recovery potentially cost taxpayers as much as $17 million.
In response to this major attack , the city’s chief information officer recently touted the movement of even more of their enterprise to the cloud as an important component of their cybersecurity strategy.
“We’ve also made some transition to a lot of cloud services. Even before this happened, we had cloud services—a hybrid strategy,” Atlanta CIO Gary Brantley said in the city’s cybersecurity video update. “But we wanted to, kind of, move that percentage a little bit higher. And so, we’re in the process of doing that as well.”
Shared Cloud Cybersecurity Responsibilities
While public clouds certainly incorporate built-in security controls, it’s important to remember that simply moving to the cloud isn't a cybersecurity strategy in and of itself. Cloud security is based on a shared responsibility model. AWS, for example, couches it as the “security of the cloud”—which is their responsibility—versus “security in the cloud,” which is the customer’s. Organizations can’t just expect to move to the cloud and then forget about cybersecurity.
Cloud service providers will protect the hardware and software infrastructure that runs all of its services, but network administrators are responsible for the security of their assets in the cloud.
The Role of DNS
DNS infrastructure offers a unique way to protect assets and compute wherever they may reside. Malware uses DNS 91% of the time, and is hunting for sensitive data wherever it may reside. BlueCat Edge detects, blocks, and quickly remediates cyberattacks across cloud and on-premises environments. When enterprises span multiple data centers and clouds or are being migrated from data centers into the cloud, DNS Edge can keep track of where assets reside and secure them in transit. Within any cloud environment, BlueCat Edge provides visibility and control over every DNS request and response, logging the source IP address for quick review and analysis to detect patterns of malicious behavior.
That cybersecurity model should include defense through DNS. The visibility Edge provides allows cities like Atlanta to keep their end of the cybersecurity bargain.