Summary
Clouds are being pushed as a money saving technology. When they work properly, this can be true. However, there are a number of serious new security vulnerabilities which exist in clouds which the vendors are keeping silent about and cyber security laws make it extremely difficult to even do the research on how to detect and respond to these vulnerabilities. User beware....
Analysis
The security model used for cloud computing is very much the same as for traditional server farms. The sheer scale of the clusters however enables new modes of attack which can be philosophically looked at as like termites. Each one is very small but when you get enough of them and they synchronize their actions, the devastation can be enormous. To fully research these and prepare robust countermeasures, you have to be able to measure, test, and instrument a large cloud using a real live diverse mixture of commercial weight applications. By law, researchers are prohibited from doing this. Attempting to do this on a small private cluster simply does not give an accurate picture of the real world that the cloud attackers can exploit.
We know about worms, viruses, etc. Its time to start learning about termites as they have the ability to decimate clouds and impact far more users than taking down any single data center could possible do.
