How vulnerable are we due to Cloud native technologies and the dependency on a single provider?
Little did the developer know that his actions would cause a new global depression. “Frustrated by his employer’s lack of appreciation for his ideas, he had planted his code in Zingo’s source code some months ago. Zingo was the flagship in his employer’s portfolio of cloud-native technologies.
Now, it was a game of waiting; tomorrow, it would be triggered, and all Zingo clusters in the world would crash. He knew it would hurt his employer, but what about all the large corporations and financial services? He was soon to see, and curious, he went to sleep.
The Tsunami
It was the 5th of May, and the code was invoked as the clock struck midnight. During the day, it swept the globe like a tsunami, time zone by time zone. As the Zingo clusters crashed, critical functions in banks, businesses, and the public sector, and without a trusted code, took weeks to restore the functionality and restart processing.
The Aftermath
The event became known as The Digital Tsunami, and for years, the news media covered updates from countless investigations and commissions worldwide.
The question all asked was: could it have been avoided, and why had so few taken proactive measures?
How vulnerable are we?
Now, this is fiction, but could it become a reality? Do we not consider scenarios like the one above when using cloud-native technologies, and do we rely completely on a single cloud provider? What if an evil leader of a country were to cut the replication between cloud regions?
There are many scenarios, but the outcomes are likely the same. With most citizens only having digital currencies, how can they pay for food, petrol, or medicine?
How common is the Risk?
Do we need to turn this potential risk from the elephant in the room to one of the parameters when we use the Cloud and further improve our level of resiliency? Here are some examples of the risks according to Gartner: https://www.helpnetsecurity.com/2023/11/06/cloud-concentration-risk/ followed by examples of incidents: https://techhq.com/2020/09/whats-the-risk-of-becoming-too-cloud-dependent/
In the last 10 years, I have reviewed many could architectures, and most share the same patterns.
Part two will follow
Part two will provide my view and ideas on how to remediate this and, at the same time, achieve significant business benefits.
Until then, sleep well.
