
Malware in the Cloud: Best Practices to Protect Against a Growing Threat

September 18, 2018 / November 1st, 2018

The tremendous growth of cloud services in the business world has a painful but predictable side effect: the cloud is becoming a popular target for cybercriminals. Because of its networked nature, malware in the cloud can quickly spread to applications and devices if no security measures are taken. But with best practices, companies can protect themselves against the growing threat of malware in the cloud.

The cloud not only offers businesses scalability, flexibility, and agility, but also more efficient work processes and associated cost savings, including more convenient data protection and disaster recovery. According to Gartner, current cloud adoption rates indicate that in 2020 a no-cloud policy will be as rare as a no-internet policy is today. But this development also brings challenges. In particular, recent cyberattacks raise security concerns, because the networked nature of the cloud allows malware to spread quickly to an organization's devices and applications and compromise data unless proper security measures are taken.

Security Responsibility in the Cloud: The Shared Responsibility Model

Unfortunately, most IaaS offerings and SaaS applications lack integrated malware protection. At the same time, many companies still do not know about their security responsibility in the cloud. Under the shared responsibility model, it is up to the cloud providers to secure the infrastructure: they are responsible for the physical security, global and regional connectivity, as well as the power and cooling of their data centers. This model relieves cloud customers of providing their own infrastructure, and they also benefit from flexible on-demand scalability. However, it remains the responsibility of the customer enterprise to secure its own data in the cloud. The responsibility to protect data and applications from malware and targeted cyber attacks

Three potential cloud application vulnerabilities at a glance

Since the cloud is heavily networked, it can have significant consequences if only one vulnerability is not secured. In particular, companies should pay more attention to the following points:

  • File upload from an unmanaged endpoint: Unmanaged endpoints with access to cloud applications pose a significant risk to corporate data. Without control over the endpoints, malware may enter the cloud application through file uploads, leading to an enterprise-wide infection and data corruption that can cause massive damage.
  • Downloaded infected files: Malware-infected files in cloud applications are typically the result of the compromised endpoints described above. Without reliable download threat detection, employees can accidentally pull malware from trusted applications onto their corporate and private devices. Once these endpoints are compromised, the infection spreads further when files are uploaded to the cloud.
  • Communication between connected applications: Connected cloud applications can improve the company’s productivity. However, their automated communication and data transfer can carry existing infections from one application to another. As mentioned earlier, most cloud applications lack native malware protection. As a result, many enterprise SaaS applications are likely to contain malware waiting to be distributed to connected applications.

In every third company, popular cloud applications contain malware. A test of a new kind of ransomware revealed that Google Drive, Microsoft SharePoint, and sixty-two of the best antivirus engines were unable to spot the unknown threat, even though the original version of the malware was already known. Given that many companies rely on standard antivirus tools and native cloud app malware protection, this is a worrying result.

Best practices against the spread of malware in cloud applications

  • Protection against malware begins with education

Carelessness and a lack of risk awareness on the part of users make IT security incidents more likely. Thorough training can raise awareness of typical security risks and teach appropriate behaviors. Therefore, regular workshops on cybersecurity and on how to handle business applications should be conducted among the workforce. In this way, vigilance becomes part of the corporate culture and employees are kept up to date with the latest cybersecurity risks.

  • Keep all systems up to date

Updates to mobile and desktop operating systems, plugins, and browsers often include critical security patches based on the latest research and testing. In particular, if employees use their personal devices for business purposes, make sure that these updates are downloaded and installed as soon as they are available. Otherwise, the unpatched vulnerabilities can be exploited as an attack vector.

  • Cloud security is more than just device security

In principle, there are numerous vulnerabilities that can be exploited by malware. For example, fileless malware has evolved significantly in recent years. It uses legitimate software and applications that most businesses use daily to take control of a system. Because fileless malware behaves atypically, a range of security solutions can barely detect it. Companies that rely exclusively on solutions for securing the end devices are vulnerable to such attacks. Endpoint security is essential, but not sufficient.

Enhanced protection requires new, intelligent defense technologies that monitor upload, download, and storage of cloud files. For example, using machine learning, which makes risk estimates based on behavior patterns and file properties, even unknown malware variants can be identified.
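The file-property approach described above, reduced to fixed heuristics instead of a trained model, as an added example that is not part of the original article: a hash denylist misses a variant that differs by one byte, while findings based on file properties still block it. The sample bytes, thresholds and the `assess_upload` name are constructed assumptions.

```python
import hashlib
import math
from collections import Counter

# Constructed stand-in for a known sample: harmless bytes with an "MZ" header.
KNOWN_SAMPLE = b"MZ" + bytes(range(256)) * 8
DENYLIST = {hashlib.sha256(KNOWN_SAMPLE).hexdigest()}

EXEC_MAGIC = (b"MZ", b"\x7fELF")          # Windows PE, Linux ELF headers
EXEC_EXTENSIONS = {"exe", "dll", "so", "bin"}
ENTROPY_LIMIT = 7.2                        # assumed threshold, bits per byte
BLOCK_SCORE = 2                            # assumed policy: two findings block


def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte; packed or encrypted data nears 8."""
    if not data:
        return 0.0
    total = len(data)
    return -sum(n / total * math.log2(n / total) for n in Counter(data).values())


def assess_upload(name: str, data: bytes) -> dict:
    """Return the signature result and property findings for one uploaded file."""
    parts = name.lower().split(".")
    ext = parts[-1] if len(parts) > 1 else ""
    findings = []
    if data.startswith(EXEC_MAGIC) and ext not in EXEC_EXTENSIONS:
        findings.append("executable header under non-executable name")
    if entropy(data) > ENTROPY_LIMIT:
        findings.append("high entropy")
    if len(parts) > 2 and ext in EXEC_EXTENSIONS:
        findings.append("double extension ending in executable type")
    hash_hit = hashlib.sha256(data).hexdigest() in DENYLIST
    blocked = hash_hit or len(findings) >= BLOCK_SCORE
    return {"hash_hit": hash_hit, "findings": findings, "blocked": blocked}


if __name__ == "__main__":
    variant = KNOWN_SAMPLE + b"\x00"       # one byte appended: new hash
    for name, data in [("invoice.pdf", KNOWN_SAMPLE), ("invoice.pdf", variant),
                       ("notes.txt", b"Quarterly planning notes.\n" * 40)]:
        print(name, assess_upload(name, data))
```

A single finding, such as the high entropy of an ordinary compressed PDF, does not block the file; only the combination of findings does.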

Need help managing your cloud solution, or want to get started in the cloud? Contact Bleuwire™; they are always at your disposal with help and advice at any time.
