Jan 26, 2018 3:00 AM

How likely can terrorists, nuclear attacks, or hackers take down the cloud?

A recent report estimates a huge financial cost to cloud users, which business insurance won’t cover. But is this something you really need to worry about?

US Energy Dept.

For all you Chicken Littles out there: A cyber problem that shuts down a top US cloud computing provider for three to six days could trigger a cost to clients of between $5.3 billion and $19 billion in business losses, of which only $1.1 billion to $3.5 billion would be covered by insurance, said insurer Lloyd’s of London in a report. (A “cyber problem” could include hacking, lightning strikes, bombing of datacenters, and human errors making a public cloud service provider take a dirt nap.)

I don’t doubt those numbers. But if one or more major cloud providers are disabled for some reason, we’ll have more important problems than not being able to log into the inventory system. 

And the chances are slim, anyhow: The truth is that public clouds providers are pretty resilient. Although we’ve seen regional outages in the past, typically due to human error, taking down a public cloud provider through a cyberattack would be a bit like playing Whack-a-Mole with 800-pound moles. 

Public cloud providers have set up many redundant systems in their clouds. Although you could bring down a single datacenter, perhaps even a whole region, you won’t disrupt all the cloud datacenters and regions. Kill one, and the others take over. 

Of course, there could be a major event such as an atomic attack that could take out most or all of a cloud provider. However, even then I doubt that all public cloud capabilities would be offline. Keep in mind that TCP/IP was designed by the US Defense Dept. to route around missing pieces of the network due to nuclear attack. 

And, in the event of a nuclear attack, would you care about your cloud services all that much?

For less-world-ending scenarios, one of the good things about cloud computing is that the cloud providers are not the sitting ducks that enterprise datacenters have been (and many still are). The cloud providers have a wide geographical distribution, and they are redundant. So, your cloud data is actually safer than your on-premises data. It’s a good thing cloud data redundancy is almost foolproof, because it looks like you won’t get much help from insurance.