Over the last few years, the hacker’s group anonymous has been making the news every few months as they continue to successfully break through the apparently feeble security of organizations such as the Department of Justice, the Recording Industry Association, the Motion Picture Association of America (MPAA), Paypal and NATO, and even the very Internet security firms set up to protect businesses from hacker attacks.
The threat doesn’t only come from so-called “hacktivists”. There are also incoming attacks from foreign nations like China – a country that invests a great deal into electronic and commercial espionage.
At this year’s RSA Conference last week, representatives of Germany Trade & Invest provided insight into Germany’s new security “cloud”, meant to serve the world’s businesses and organizations as an ultra-safe destination for the most sensitive data and information.
Some are calling the German cloud overkill in today’s more open Internet culture, but others say that such an ultra-secure location for the most critical and sensitive information is not only necessary, but essential to the future of Internet security.
German Privacy and Cloud Security
The so-called “German Cloud” would actually be a system where a security certificate would be issued to websites, which could render domain hacking or similar attacks useless.
A Bloomberg article mentioned this cloud late in 2011 when Deutsche Telekom was urging European regulators to issue those certificates to German and European cloud operators (1).
The goal of the ultra-secure cloud would offer global companies with two levels of protection. The first is protection from the “leak” of information, due to Germany’s strict privacy laws. This means that any German IT staff that might release or steal information within the German cloud would face harsh punishment – making the potential for such leaks much lower than anywhere else in the world.
The second benefit to companies and organizations trying to protect very sensitive data would be the level of security that will be integrated into the servers and services that will make up the cloud.
Section Three Header
The cloud itself is clearly a national effort by Germany to attract the interest of major companies that need to protect its information from potential intrusions by individuals, like hacker’s group Anonymous, or foreign nations that have an active offensive hacking program.
Ironically, one of the benefits the Germans say they offer to those companies is protection from the U.S. itself. The U.S. Patriot Act has made countless websites and personal data vulnerable to access from U.S. government investigators. Germany offers its clients a “shield” from such government access.
CEO of the T-Systems unit told reporters in September of last year:
“The Americans say that no matter what happens I’ll release the data to the government if I’m forced to do so, from anywhere in the world. Certain German companies don’t want others to access their systems. That’s why we’re well-positioned if we can say we’re a European provider in a European legal sphere and no American can get to them.”
The system is being set up to give German IT firms with a competitive advantage. While those firms are working to create a cloud that can keep the U.S. government from accessing the information stored there, they are also selling that cloud to some of the largest U.S. firms as well. In other words, while keeping “the Americans” out, they are hoping to attract the business of some of the largest American firms.
There is not enough information available to say whether the secure German cloud would truly be impenetrable to skilled hacktivists like the hacker’s group Anonymous, but at the very least, it would be a safe haven for individuals and businesses that want to keep information and data away from U.S. federal investigators that would want to access it using the U.S. Patriot Act.