Criminals Are Using The Cloud – Here’s How You Can Fight Back

Criminals Are Using The Cloud – Here’s How You Can Fight Back

Not everything is peachy-keen in the cloud.

Did you know that as many as 10% of cloud repositories may be infected by malware? That includes those hosted by Amazon and Google, by the way. Not even the behemoths of cloud service are immune.

Or how about the fact that there exists a burgeoning malware-as-a-service industry, with virus writers offering access to malware kits that include regular updates and technical support? There now exists an entire black market for MaaS, with developers offering money-back guarantees and online reviews. It might be amusing, if it weren’t so disconcerting.

These two stories together serve as a stark reminder that the cloud, while a valuable tool for business enablement, can also be wielded by the crooks who seek to undermine your business and steal your data. Thankfully, with malware-as-a-service, there’s little to be done aside from make sure you keep everything up to date. As long as you’re always running the latest security updates, you should be fine.

Cloud-based viruses are a bit trickier.

“Connected cloud apps can be both inherently malicious or become malicious and as a result organizations can be exposed to cloud malware in a number of ways,” explains Cloud Lock CTO and Co-Founder Ron Zalkind. “This presents a challenge to security teams as they must adjust their approach to identifying and evaluating breaches in this new environment.”

Part of that approach, it turns out, is looking for viruses in completely unexpected places. According to the Georgia Tech survey cited at the beginning of this piece, the majority of cloud malware remains completely inert and decompiled, its parts stored in redundant repositories until it’s time for an attack. You therefore need to know what to look for, and monitor your cloud closely for suspicious activity.

“Many of the bad actors had redundant repositories connected by specific kinds of redirection schemes,” the researchers note. “That allowed attacks to continue if one bucket were lost. The bad buckets also usually had ‘gatekeepers’ designed to keep scanners out of the repositories.”

Aside from that, there are a few other things you should do:

  • Run critical business apps in a secure container. This reduces the likelihood that they will be compromised by malicious software.
  • Know what third-party apps employees within your organization use.

After a brief adjustment period, you should have no real problem keeping up with the security risks of a new cloud era. But make sure you put in the necessary effort to do so. Because if you don’t, you’ve no one but yourself to blame if you end up breached.

No Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.