Do You Need a Cloud Malware Analysis?

In 2014, almost everything gets stored in cloud servers. Customer data? Check. Marketing metrics? You betcha’. Websites? Yes, sir. Applications? Absolutely. Mission-critical data? You better believe it.

Users turn to professional cloud service providers to store, monitor and manage just about any sort of digital information imaginable in the cloud. Whether you’re hosting your website up there, sharing customer data with your staff, backing up your data there or some combination of those and any number of other uses, you’re probably taking full advantage of the cloud. And why wouldn’t you? It’s fast, reliable and affordable (you’ll only have to pay for the storage space you absolutely need at any given time). Oh, and a crack squad of data operators will be taking care of your data and the hardware it’s stored on around the clock. What’s not to like about that?

But with the cloud’s booming popularity come threats to users’ cloud instances. It’s only natural, of course. That’s just what happens when enough people start using any particular technology: someone with malicious intent tries to ruin a good thing for everyone. With everything that’s being stored up in cloud servers these days, more and more malware is making its way in too.

According to Tech Target, however, this might not be as bad as it initially sounds. In fact, it does have some upside. As a result of malware finding its way up into the cloud, a number of malware protection companies like Cisco Systems Inc.’s Sourcefire, Lastline Inc. and Palo Alto Networks Inc. have put together virtual sandboxes in which malware and other potentially dangerous code can be analyzed and identified in a hurry.

What Is Malware?

Before we get deeper into what’s going on with malware protection in the cloud, let’s take just a quick moment or two to talk about malware itself. What is malware exactly? It’s malicious software of any sort that gets installed without your adequate consent. This type of software is explicitly designed to gain unauthorized access to a system or to damage it without the owner ever realizing it’s happening until it’s too late.

Software is usually considered to be malware when the intent of its creator is to do harm in some way, shape or form. Malware in general is becoming more common largely due to the amount of money that can be illegally made through internet crimes. Yes, while malware was first cooked up as a way to mess around online and carry out pranks for entertainment at the expense of others, it is often used these days as a means to illegally make money. Adware does this through forced advertising, ransomware by extorting money, spyware by stealing sensitive information and zombie computers by spreading email spam and other, more illicit tactics.

How Can I Get Malware Protection in the Cloud?

Since the amount of malevolent code floating around on the internet continues to grow and grow and grow, cloud-based virtual sandboxes like those mentioned a few paragraphs back have been created as a resource to protect against it.

Everyone knows that scalability is one of the primary benefits of using cloud services. If you need more data you scale up, if you need less data you scale down. It’s simple, convenient and cost-effective. These sandboxes also have scalability, which is why they are exceedingly effective at combatting malware in the cloud.

“The cloud gives them the ability to scale out quickly, whereas an on-premises appliance is much harder to scale,” Gartner Inc. Analyst and Research Director Lawrence Pingree explained to Tech Target. “I do believe these sorts of virtual sandbox solutions are very important tools in advanced malware identification and protection for that reason.”

Newly announced advanced malware protection from Lastline has a pretty simplistic cloud aspect to it. Its anomaly-based sensor detects files, code or network behavior that either haven’t been identified or appear to be suspicious. It then compares what it finds against a database of known malware as well as other potential threats. If it still believes that there is an unidentified threat it will upload the code or file to Lastline’s private cloud sandbox for a deeper analysis of it.

These virtual sandboxes can add or subtract CPU, memory and/or storage capacity depending on the number of files that are being uploaded to them. On top of that, they are designed to behave like a full computer system does in order to give Lastline the same type of perspective into any possible malware that an end user would have.

Why Rush to Get Malware Protection?

Since its launch in 2011, the system has seen its users upload hundreds of thousands of programs and files on a daily basis. Lastline VP of Product and Business Development Brian Laing said that while there is an ever-growing number of high-profile data breaches and malware incidents, it’s usually more low-level stuff that poses problems. There are myriad malicious codes and files, ranging from basic keylogging programs to simple email Trojans. A spike in their usage tends to cause a rush of businesses looking to upload things into Lastline’s cloud sandbox.

The cloud allows Lastline to gain an advantage over systems that don’t use it, because it aggregates files and metadata in the same location, says Laing.

“If we see a large number of customers with a large number of similar requests, then we know that’s indicative of a larger infection. So cloud also provides us a more rapid response ability to analyze and address the malware,” Laing said. “And if 100 customers saw a new type of malware, then all 100 would have to analyze it separately in their networks. But now, collectively they can communicate with our cloud and we can respond faster to potential threats.”
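The sensor workflow described earlier (flag an anomaly, check it against known malware, upload what is still unidentified) and the cross-customer aggregation Laing describes can be sketched together. This is an added example, not code from the article or from Lastline; the function and class names, the use of an exact SHA-256 match as the measure of "similar" submissions, and the threshold of three customers are all assumptions, and the sample data is constructed.

```python
import hashlib
from collections import defaultdict

def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

# Constructed stand-in for the "database of known malware".
KNOWN_MALWARE = {sha256(b"constructed-known-keylogger")}
OUTBREAK_THRESHOLD = 3  # assumed: distinct customers that signal a wider infection

def triage(sample: bytes, anomalous: bool) -> str:
    """Sensor-side decision for one file: 'ignore', 'block' or 'sandbox'."""
    if not anomalous:
        return "ignore"
    if sha256(sample) in KNOWN_MALWARE:
        return "block"      # already identified, no upload needed
    return "sandbox"        # still unidentified: upload for deeper analysis

class SandboxCloud:
    """Cloud side: every customer's submissions land in one place."""
    def __init__(self):
        self.customers_by_digest = defaultdict(set)

    def submit(self, customer: str, sample: bytes) -> None:
        self.customers_by_digest[sha256(sample)].add(customer)

    def outbreaks(self) -> list:
        """Digests uploaded by at least OUTBREAK_THRESHOLD distinct customers."""
        return sorted(d for d, seen in self.customers_by_digest.items()
                      if len(seen) >= OUTBREAK_THRESHOLD)

def run_demo():
    trojan = b"constructed-unknown-email-trojan"
    events = [  # constructed: (customer, file bytes, sensor flagged it)
        ("cust-a", trojan, True), ("cust-a", trojan, True),  # repeat counts once
        ("cust-b", trojan, True), ("cust-c", trojan, True),
        ("cust-b", b"constructed-known-keylogger", True),
        ("cust-d", b"constructed-one-off-oddity", True),
        ("cust-d", b"constructed-benign-doc", False),
    ]
    cloud, decisions = SandboxCloud(), []
    for customer, sample, anomalous in events:
        decisions.append(triage(sample, anomalous))
        if decisions[-1] == "sandbox":
            cloud.submit(customer, sample)
    return decisions, cloud.outbreaks()

if __name__ == "__main__":
    print(run_demo())
```

Counting distinct customers rather than raw uploads keeps one noisy tenant from looking like an outbreak; only the sample seen by three separate customers is flagged.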

Cloud-based malware detection and analysis products have a noticeable speed benefit over products not using the cloud. However, some industries (like the financial sector) have regulatory rules in place that prevent companies operating under them from submitting their files to an external cloud source.

For those who can do so, however, using cloud malware protection is often a great idea due to its speed and scalability – not to mention the increasing amounts of cloud-based malware attacks.

Image Source: PC Mag

Find out more about Nick Santangelo on Google Plus
