Combating the rising threat of malware in the cloud

Anurag Kahol is CTO at Bitglass.

Enterprise cloud adoption continues to rise at unprecedented rates as more businesses realise the benefits these services can bring.

However, perhaps predictably, this explosive growth has also given rise to a host of new cyber threats as criminals look to capitalise on changing business habits for their own ends. At the top of the list are two familiar threats: malware and ransomware, which unfortunately now have the potential to compromise more data than ever before, thanks to the interconnected nature of the cloud.

Despite this, worryingly few cloud service providers offer dedicated protection against malware in the cloud. While Office 365, G Suite, and Azure have the ability to identify common ‘known’ malware, when it comes to defending against zero-day attacks, most come up short. Today, there is a shortage of proactive cloud malware solutions, even amongst industry-leading vendors. Because of this, most businesses are unable to defend their entire cloud application portfolio effectively.

What’s more, the biggest threats don’t come from known malware, but unknown, zero-day attacks that can take weeks or even months to discover. By that point, they have often already had a devastating effect on the target due to extensive data exfiltration. Once advanced malware makes its way into a cloud app, there’s often very little that can be done to contain and eliminate it. And, it only takes one infected endpoint to spread malware via the cloud, making defending against it extremely difficult.

Until we see an emergence of dedicated solutions to bolster malware defences in the cloud, organisations should take a proactive approach to keeping their sensitive cloud-based data protected. The following five areas are the most important to consider:

Tackle zero-day threats

As malware becomes increasingly sophisticated and stealthy, effective zero-day protection can help businesses stay a few steps ahead. These tools can combat advanced threats with static analysis, basing a risk decision on hundreds of different characteristics associated with any given file. They can then identify threats based on their behaviour, even before they have been found in the wild.

Scan data flowing to endpoints

Most cloud platforms don’t come equipped with advanced threat protection, which makes third-party security solutions essential. However, not all solutions are equal, so it is recommended that businesses hold endpoint protection to the highest possible standards.

The best solutions will catch most malware coming to endpoints, which includes both desktops and laptops. Given that it is not uncommon for large businesses to have hundreds of cloud apps, the solution needs to work across all applications, rather than working solely on one or two apps.

Dedicated BYOD protection

While dedicated endpoint security solutions can be effective in securing managed devices, unmanaged BYOD assets often go unprotected. In order to deal with this, organisations need a means of enabling secure upload and download of files from unmanaged endpoints. This should deliver a frictionless user experience, whilst ensuring corporate data remains secure and regulatory compliance requirements are met.

Prevent malware from spreading

Should a network become infected, preventing the spread of malware is critical in order to maintain the integrity of as much data as possible.

Advanced Threat Protection technologies can help businesses to detect and block known and unknown malware before it hits a cloud application. This adds an important layer of protection that can significantly slow, or even stop, a malicious attack in progress.

Rethink enterprise app security

Unlike unsanctioned or unknown web services, enterprise productivity apps such as G Suite and Office 365 are built to be functional and secure. As a result, most people have little concern about downloading corporate documents or attachments from these services.

Unfortunately, malicious individuals readily exploit this trust as these apps contain many of the same flaws as other online services, and feature limited security protections. In many cases, there is a strong likelihood that they’re hosting malware, just like any other app. Vigilance can play a leading role here; employees should be incentivised to flag anything suspicious and apply the same common-sense approach to downloading files that they would for any other application.

The rise of enterprise cloud solutions has greatly benefited organisations, but also introduced new security concerns that continue to evolve. Zero-day malware attacks in particular can have a devastating effect if given free rein across cloud applications.

Organisations need a combination of existing, advanced tools to make sure they have an effective line of defence, capable of keeping out even the most determined attackers.
