If stealth hacking hasn’t already come to cloud computing, it will shortly. Protect yourself by knowing your responsibilities and using effective tools. Credit: Undefined Undefined / Getty Images You have to respect that ransomware attacks at least let you know you’ve been attacked. You’ll have an opportunity to defend yourself and batten down the hatches. However, a rising tide of cyberattacks is much more sneaky about things. Called “stealth hacking,” these subtle attacks try to see your data and processes without alerting anyone that this is occurring. In the world of consumer computing, this may manifest as keystroke-monitoring malware that installs from a malicious download. The hacker hopes to remain undiscovered and gather as much data as possible until the jig is up, or perhaps never be discovered at all. The enterprise world is a bit scarier. The damage that a non-stealth hack can do is easy to define as to risk and cost. According to RiskIQ, in 2019, “Every minute, $2,900,000 is lost to cybercrime, and top companies pay $25 per minute due to cybersecurity breaches.” However, if you don’t know that you’re being monitored, the damages could be 10 times that of an instantaneous attack. Since many stealth hacks go undiscovered, there is no good data on the damages that actually occur. On the top of the list: Insider trading of stock, getting access to sales and other accounting data pre-earnings announcements Pre-audit movement of cash from company accounts Blackmail due to access to HR records The assumption is that this kind of hacking targets on-premises systems which often are being neglected now with the focus on cloud computing. But this problem is likely to move to public clouds as well, if it hasn’t already. Although many would say the public cloud providers are responsible to better protect their customer’s data, the reality is that it’s a “shared responsibility model.” This means the cloud vendor provides you with the tools and procedures to be secure, and it’s up to you to implement them correctly. For instance, if you misconfigure the security for storage buckets in the public cloud and data is accessed, that’s on you. So, what should companies that employ cloud do to minimize the chances that they get stealth hacked? It’s really cloud security 101, including the need to proactively monitor all systems and data stores. This is where management and monitoring tools, such as AIops, come in handy. The core role of these tools is to keep systems healthy and observed, but they can also detect anomalies that may indicate an unwanted guest, such as odd performance behaviors at odd times. However, if the AIops tools are not talking to your security systems then most of this will go unnoticed. I’m just scratching the surface of ways to avoid stealth hacking. Enterprises really need a holistic security strategy that’s systemic to all systems and all points of monitoring. Although these are not easy to set up and are costly to run, the price of dealing with a hack—either stealth or not—is at least 50 times more. Be smart with this stuff. Related content analysis Strategies to navigate the pitfalls of cloud costs Cloud providers waste a lot of their customers’ cloud dollars, but enterprises can take action. By David Linthicum Nov 15, 2024 6 mins Cloud Architecture Cloud Management Cloud Computing analysis Understanding Hyperlight, Microsoft’s minimal VM manager Microsoft is making its Rust-based, functions-focused VM tool available on Azure at last, ready to help event-driven applications at scale. By Simon Bisson Nov 14, 2024 8 mins Microsoft Azure Rust Serverless Computing how-to Docker tutorial: Get started with Docker volumes Learn the ins, outs, and limits of Docker's native technology for integrating containers with local file systems. By Serdar Yegulalp Nov 13, 2024 8 mins Devops Cloud Computing Software Development news Red Hat OpenShift AI unveils model registry, data drift detection Cloud-based AI and machine learning platform also adds support for Nvidia NIM, AMD GPUs, the vLLM runtime for KServe, KServe Modelcars, and LoRA fine-tuning. By Paul Krill Nov 12, 2024 3 mins Generative AI PaaS Artificial Intelligence Resources Videos