Cloud Security Offense. Don’t Recover from Attacks, Avoid Them.

Implement Ironclad Cloud Security Today to Thwart Malware Attacks of the Future

A couple of years ago, the Zeus botnet was caught running an unauthorized command and control center on a public cloud computing infrastructure, marking the first time the cloud had been used for this type of illegal activity. It appeared that hackers exploited a Web server VM, using it as a botnet control point.

Fortunately, the Zeus software was discovered and removed, but the potential unfolding of events could have been catastrophic. Imagine malware compromising a cloud virtual machine (VM). The malware leverages loose security controls to infect other VMs in the cloud, then uses the compromised cloud VMs as a launch pad for further attacks, and so on.

Since that time, attackers have made significant improvements to the malware they deploy so that it can avoid detection and maintain a foothold in organizations’ networks. And, with the rise of persistent botnets, attackers can easily flood and knock out a company’s network at will.

With virtualization and cloud computing on the rise, the concerns are clear. It won’t be long before targeted malware attacks become commonplace in cloud environments. So what can be done?

In the case of cloud security, data center administrators should heed the Boy Scout mantra—be prepared. It’s time for them to go on the offensive and get ahead of the threat by baking in comprehensive and integrated security within their virtualized data center architecture today. With cloud computing, the best defense that also won’t hamper performance is early implementation of purpose-built security.

Data center administrators can start by asking some simple questions. If they’re using a public cloud, is there a proper security posture on the VMs that they inhabit? Does the IaaS provider have the means to monitor that posture for compliance? What risk mitigation technologies and procedures are in place for virtualized workloads? Can the cloud services provider offer proof of continuous compliance? Beyond that, what about their neighbor’s VM? Do they have security vulnerabilities that can be exploited? How does the provider ensure proper isolation for tenants?

In the public cloud, companies not only have to worry about attacks on their resources, but also about attacks on co-located tenants. VM hosts may hold multiple customers’ VMs, and providers take different approaches to ensuring VM security and handling related compliance issues.

Private clouds are equally threatened by virtualization-aware malware that can prey on a vulnerable VM. Once inside, if there are no segmented security measures in place for each VM, nothing will stop further propagation. And private clouds may host a whole array of high-value corporate, financial and customer data, so losses in productivity could be devastating to a business.

When it comes to securing the public and private cloud and their virtualized underpinnings, organizations should know the various security options and their associated risks. Existing firewalls, physical networking equipment, and routing tricks get you only so far if granular control is required for segmentation compliance and scale. Security solutions architected specifically for virtual environments and the cloud are a good option.

From a technology and organizational standpoint, ironclad cloud segmentation and security is the key to thwarting future malware attacks on VMs in the public and private cloud. So be prepared and make your best defense a good offense.
