What are Advanced Persistent Threats and how do they affect Cloud Computing as a whole?
Advanced Persistent Threats and Cloud Computing
Technology can be such a double-edged sword sometimes (to use an old cliché). It seems as though every step we take forward as a society is met with direct opposition from destructive forces who seem bent on derailing progress. While cloud computing is certainly a wonderful technology, it is not immune to threats and potential security lapses, which are often perpetrated by selfishly deranged individuals (or information-hungry nations / states). The point is, this is something that we’re all going to have to deal with, but rest assured, steps are being taken to right the wrongs and shut down the criminals’ operations permanently (it just might take a little longer than expected).
At this point you’re probably wondering, “What is an Advanced Persistent Threat, exactly?” Well, in a nutshell, an APT (advanced persistent threat) is a cyber attack that’s characterized by persistence and targeted information gathering, where the goal is usually to steal sensitive information. Stuxnet, Madi and Flame are classic examples of APTs; they burrow into your machine, the entry point usually being from some social media outlet, and then they proceed to beam audio, screenshots, and data to remote servers, or allow email and messaging to be monitored and so forth. These kinds of attacks are advanced because they essentially allow hostile forces to assume control over others’ machines and data in unprecedented ways. Likewise, they are persistent because this type of behavior will often continue for long periods of time. Most individuals won’t even know that their machine or system is infected; that’s the real danger of APTs: they find their way onto a system and then lurk in the shadows, waiting to strike at key moments.
We shouldn’t despair, however, because cloud computing offers us great advantages and hope for ridding the world of the APT menace. For example, Joyent and GuardTime, two cloud computing focused companies, have partnered up to create what many feel is one of the more exciting cloud security concepts to emerge (which I’ve previously covered). Their creation allows for an advanced form of data logging / keying which is best described as “tamper evident”. In other words, whenever and wherever data has been compromised there will be telltale signs (with additional information being collected about the parties responsible for the attack). This approach not only lets administrators know what’s been affected, it might also provide authorities with enough counter-information to track down and prosecute thieves.
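A simplified illustration of the “tamper evident” logging idea described above, added here as an example; it is not Joyent's or GuardTime's design or code. It assumes a plain SHA-256 hash chain whose head hash is stored outside the logged system, and the function names and log records are constructed for the illustration.

```python
import hashlib
import hmac
import json

GENESIS = "0" * 64  # constructed starting value for the chain

def _digest(prev_hash, record):
    # Canonical JSON so the same record always hashes to the same value.
    body = json.dumps(record, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256((prev_hash + body).encode("utf-8")).hexdigest()

def append(log, record):
    """Append a record, binding it to the hash of the previous entry."""
    prev_hash = log[-1]["hash"] if log else GENESIS
    log.append({"record": record, "prev": prev_hash,
                "hash": _digest(prev_hash, record)})

def verify(log, anchor):
    """Return (ok, index); index is the first failing position, or None.
    `anchor` is the head hash kept outside the logged system."""
    prev_hash = GENESIS
    for i, entry in enumerate(log):
        expected = _digest(prev_hash, entry["record"])
        if entry["prev"] != prev_hash or not hmac.compare_digest(entry["hash"], expected):
            return False, i
        prev_hash = entry["hash"]
    if not hmac.compare_digest(prev_hash, anchor):
        return False, len(log)  # truncated, extended or consistently rewritten
    return True, None

def build_sample_log():
    # Constructed sample events, not taken from any real system.
    log = []
    append(log, {"ts": "2012-08-01T10:00:00Z", "user": "alice", "action": "login"})
    append(log, {"ts": "2012-08-01T10:05:00Z", "user": "alice", "action": "read"})
    append(log, {"ts": "2012-08-01T10:09:00Z", "user": "alice", "action": "logout"})
    return log

if __name__ == "__main__":
    log = build_sample_log()
    anchor = log[-1]["hash"]          # stored out of the intruder's reach
    print(verify(log, anchor))
    log[1]["record"]["user"] = "bob"  # simulate after-the-fact editing
    print(verify(log, anchor))
```

An edit to a single entry is reported at that entry's index; a log that was truncated or rewritten with recomputed hashes still fails, at the final comparison against the external anchor.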
But static security systems are just the tip of the iceberg. Some of the more adventurous cloud development laboratories are actively seeking or working toward implementing new types of applications which would incessantly trawl a cloud (in much the same manner as a hacker) looking for unauthorized activities or intruders. Although this is pure speculation, we might soon see advanced forms of security-based A.I. deployed on larger public clouds. The larger, more extensive clouds in particular would benefit greatly from bot-based assistance, and they certainly have the inherent processing power and resources needed to drive advanced A.I. However, as previously stated, this form of technology has yet to arrive, but given the continuing advances in both of these areas (A.I. and cloud computing / cloud security) it might only be a matter of time until it emerges.
Currently, advanced persistent threats are among the top concerns of cloud providers and users. The fear seems to affect governmental organizations and businesses that retain sensitive data (financial records, corporate plans, etc.) the most. The livelihood of these groups is often tied to the data they store and collect; in fact, if we’re talking about countries, it might be national security that’s at risk. The risks associated with APTs might have slowed down cloud adoption ever so slightly (out of apprehension). But in reality it’s not that bad or treacherous; most APT risks can be avoided by implementing a solid real-time monitoring solution (which many cloud providers already do). Outside of advanced key logging, real-time monitoring is arguably the ultimate solution for APTs in the cloud. Organizations that truly value their security and data should feel perfectly safe in any cloud environment which employs a dedicated real-time monitoring solution.
Another excellent defense against potential security lapses is education; more specifically, cloud certification and training for IT workers. It could be said that many threats emerge because connected personnel don’t correctly identify risks or issues before they are allowed to escalate. Cloud computing is, in essence, an entirely new field of study which requires formal investigation / education. Through e-learning (online enabled courses), IT pros can absorb all the fundamentals (as well as the complex points, if they’re up to it) so that they can better utilize cloud computing systems and infrastructure.
If anything, advanced persistent threats are helping to shape an even more secure form of cloud computing. The thing about cloud computing is that it is basically a hybrid IT / networking / computing solution on steroids. Anything that traditional IT can do, the cloud can do better; naturally, this extends to security as well. The emerging forms of cloud security will eventually crush APTs, making them obsolete. Perhaps once the threat of persistent, devious attacks is removed, cloud computing providers can shift their focus back toward breaking new ground and delivering new technologies. The point is, this APT problem is only temporary, and solutions are either in place or being devised as you read this. Soon, the APT nuisance will be behind us and we can move on to the next issue on our march toward a more precise cloud computing experience.