Global Secure Systems (GSS), the value-added IT security consultancy, has warned that Cloud Computing may turn into malware-fest after researchers have found a method of using the Amazon EC2 service as a BitTorrent host/downloading mechanism.
"Using P2P programs like BitTorrent has always been a risky procedure for PC users owing to the issue of infections arriving along with the pirated software and other executables. Reports have just come in, in fact, that BitTorrent is hosting a malware-loaded version of the Apple iWork software," said David Hobson, GSS' managing director.
"What is even more worrying, however, is the fact that researchers have developed a method of using the Amazon EC2 Cloud Computing service as a remote harvester and hosting system for BitTorrent files," he added.
This means, says Hobson, that hackers and other interested parties can simply use a prepaid (and anonymous) debit card to pay the $75 a month fee to Amazon and harvest BitTorrent applications at high speed with little or no chance of detection.
This, he explained, raises P2P filesharing to a whole new level, and is almost certain to dramatically increase the usage of BitTorrent - with all the risk the facility entails - amongst experienced Internet users.
"The danger here is that companies may find their staff FTP-ing files from Amazon EC2 - a completely legitimate domain - to the firm's computers, resulting in an internal computer infection. The consequences of this do not bear thinking about," he said.
According to Hobson, companies thinking of using Cloud Computing services need to think very carefully about extending their IT security envelope to counter this and other issues that arise from the use of the Cloud.
No-one could have envisaged the security risk of using a Cloud Computing resource as a BitTorrent harvester, but it has happened and companies need to be ware of the potential risk the technology now poses, he said.
For more on the use of Amazon EC2 as a BitTorrent harvester: http://tinyurl.com/77rogn