'Lurking Malice' Study Finds Malware Hiding In The Cloud (gatech.edu) 45
"Cloud repositories have become the hub of malicious web activities," warns one computer engineering professor. An anonymous reader quotes SC magazine:
A recent study detected more than 600 cloud repositories hosting malware and other malicious activities on major cloud platforms including Amazon, Google, Groupon and thousands of other sites. Researchers...scanned more than 140,000 sites on 20 major cloud hosting services and found that as many as 10 percent of the repositories hosted by them had been compromised, according to the "Lurking Malice in the Cloud: Understanding and Detecting Cloud Repository as a Malicious Service" report [PDF]...
[According to the researchers] threat actors are taking advantage of the cloud because of how difficult it can be to scan the large amount of storage they provide... service providers which are bound by privacy commitments and ethical concerns tend to avoid inspecting their customers' repositories without proper consent and even when they are willing to inspect them it is difficult to spot malicious content.
Re: (Score:3, Insightful)
Because, it's a fad. Like outsourcing. The people making the decisions typically aren't technologists, and tend to believe the marketing hype.
Re: (Score:3)
But with that comes a total loss of control. What random code is in the same location with your brand? What is being done in your brand's name?
On-site experts can ensure your site and brand are clean and fast on totally controlled hardware and software. A cloud offers network balance globally but with a risk to reputation.
Re: (Score:3)
If the cloud is so bad, why is it that virtually all companies are looking to move to it, ditching all enterprise-grade hardware on premises is their edge router to the Internet and AWS? Like it or not, it is the way of the future.
The suits have been sold on how inexpensive it is, and how they can get rid of a lot of employees. This leads to bigger bonuses.
And just like every insourcing versus outsourcing battle, it will be cyclical.
Re: Why are not the host of these cloud services (Score:2)
The cloud providers are not policemen. They have no responsibility to make sure their customers are following their policies. They do have a responsibility to shut them down when a violation is found.
They also have very little incentive to stop something that isn't really affecting their service or their brand. Most people don't even know where malware is hosted.
Re: (Score:2)
Very true, they don't have a responsibility to police users, but if their IP range starts getting known for malware, it is likely that IP range will wind up on blackhole lists, and that is a black eye for the cloud provider when clients start complaining they can't reach other businesses.
Re: (Score:3)
The cloud providers are not policemen. They have no responsibility to make sure their customers are following their policies.
Congratulations for showing exactly why the cloud shouldn't be used.
If your cloud isn't protecting you, or they just give the "It's not our responsibility" bullshit, you just have to put up with whatever they serve you. You are just another customer.
Why do we care? (Score:5, Insightful)
Malware is a problem when people try to execute it. Malware laying in “cloud repositories” (what does that even mean?) is doing no harm except waste place. Why waste even more energy trying to scan it? Or even study it?
Re: (Score:3)
Because that's how it's distributed to clients, of course. To use an analogy: "guns only kill when they're fired at people". Therefore, we should take no notice of our aggressive neighbor amassing an army on our border.
I do agree that "cloud repositories" is a pretty buzzword-bingo way to describe "e-mail and web servers".
Re: (Score:2)
Your analogy is flawed in two ways.
First, “cloud repositories” are not used just to distribute malware. But that is not the most important.
Second, if someone shoots me with a gun, I die, I do not have any choice. If someone hands me malware, I ignore it and move to something else.
Malware is a non-issue. The real issue is the abysmal security of consumer devices and software.
Re: (Score:3)
The problem with analogies is that they're all flawed in some way. I should know better by now, because invariably the arguments focus on the analogy rather than the point being made. Fine, forget the analogies.
I'd agree that consumer device security is a major issue (especially with the short supported lifespans of phones and IoT devices), but I think analysis of malware is important in creating better security by analyzing attack patterns. I'm not sure how you could argue that the two are unrelated.
If someone hands me malware, I ignore it and move to something else.
Oh,
Re: (Score:2)
That doesn't appear to be true [theiphonewiki.com]. Although it does appear to be a common belief amongst Apple fans.
Re: (Score:2)
A cloud repository is simply a digital warehouse for digital data. By that same token, real-world warehouses are responsible for what they store and what they distribute and the law should be exactly the same for the digital warehouse. So what law do you propose to stop digital warehouses fucking purposefully distributing malware, the oops tee hee, I didn't know it was there and we were doing it, giggle, giggle, giggle. You distribute malware at a professional level, then prepare to face the legal consequences
Re: (Score:2)
Yes, why have a loaded handgun at a preschool and leave it laying on the table next to all the toys?
People are inherently stupid. Even the ones who think they are smart tend to be stupid in at least several ways. If it is there, someone will execute it eventually. I used to have a small script that would ping a certain IP address every time it was executed. The firewall for the system at this address would alert me every time it was pinged from inside the network. It was a simple .bat file and I would name
Re: (Score:2)
lol.. The cloud is little more than hosted services outside the premise. There is no high horse or anything involved. It is about risks and mitigation just like the loaded handgun. If you don't want it going off unintentionally, don't leave it where it can. The same with malware, why even have it on your network unless you want it there?
Re: (Score:3)
Malware is a problem when people try to execute it. Malware laying in "cloud repositories" (what does that even mean?).
It means pundits get to coin a new web.0 term -- Dark Cloud.
Re: (Score:2)
Anyone's free to ask my sources in the security community where my data comes from
So you kinda have to tell us exactly who your sources in the security community are if we are to ask them, AC.
Re: (Score:2)
They're listed in my program. I don't do others' homework for them. I just point the way to information.
APK
So are you telling me that I have to go to the trouble to attach a real name to you AC - so that I can see the person who wrote your program? You really don't want that do you?
In other news... (Score:4, Insightful)
Water is wet.
If you want to keep data secure, keep it in house and hire people who know how to protect it.
Re: In other news... (Score:2)
Wait ... We can save how much money by eliminating that IT cost center??
Re: (Score:2)
Water is wet.
If you want to keep data secure, keep it in house and hire people who know how to protect it.
One of the best reasons to keep it in house is that the peeps keeping it secure are working for you.
The cloud? You are just another customer, and how's all that customer support going, cloud peeps? Someone in Bangalore saying "Have you tried rebooting your computer?"