Code Spaces Falls After Unauthorized AWS Access
Just a thought for current and future cloud services providers: If you're going to promise a full recovery plan for your customers, you better make sure you can actually fulfill that promise.
Just a thought for current and future cloud services providers: If you're going to promise a full recovery plan for your customers, you better make sure you can actually fulfill that promise. The inability to fulfill such guarantees is what seems to have sunk Code Spaces, a cloud-based code hosting service provider that fell apart when someone gained unauthorized access to its Amazon Web Services (AWS) account and promptly deleted all customer data.
Code Spaces had boasted its ability to recover from disaster as a key selling point, but apparently someone at Code Spaces missed the memo. And for its existing customers, this is very much a disaster. Code Spaces came under attack by a DDoS on June 17, but it soon became evident that a mysterious nogoodnik had breached its AWS account. Within 12 hours, Code Spaces was dead and buried.
Despite its promises of having a "proven" full recovery plan, Code Spaces was unable to recover from the disaster, and the company's website now provides nothing more than an explanation of the series of events and the unfortunate consequences.
"Code Spaces will not be able to operate beyond this point, the cost of resolving this issue to date and the expected cost of refunding customers who have been left without the service they paid for will put Code Spaces in a irreversible position both financially and in terms of ongoing credibility," the company explained. "As such, at this point in time we have no alternative but to cease trading and concentrate on supporting our affected customers in exporting any remaining data they have left with us."
Because of the attack, Code Spaces found most of its data, backups, machine configurations and offsite backups either partially or completely deleted. Whoever orchestrated the attack went right for the heart of Code Spaces and did damage severe enough to completely cripple the company.
Much of the data was deleted, but Code Spaces seems to be working with customers to do what it can to get any exported data back into end users' hands.
A breach that results in such a massive destruction of user data could happen again, of course. But there are ways to mitigate such risks.
"One approach to addressing the risk of stolen user credentials that led to the Code Spaces breach is implementing AWS guidance on multifactor authentication," Frank Cabri, vice president of marketing at Skyfence, told Talkin' Cloud. "By requiring administrators to access the AWS console using something they know (their password) and something they have (their mobile device) organizations can increase security for the account and the resources being managed. It's available today and it's free when you use it in conjunction with your existing mobile device."
The bigger challenge, Cabri noted, is in monitoring and controlling privileged commands that can be executed by any given administrator. Although traditional IT environments have had such controls in place for years, Cabri indicated such features only now are coming onto the market within the cloud space.
Hopefully such access controls can limit the possibility of cloud services breaches like the one that took down Code Spaces in the future.
