If stealth hacking hasn’t already come to cloud computing, it will shortly. Protect yourself by knowing your responsibilities and using effective tools. Credit: Undefined Undefined / Getty Images You have to respect that ransomware attacks at least let you know you’ve been attacked. You’ll have an opportunity to defend yourself and batten down the hatches. However, a rising tide of cyberattacks is much more sneaky about things. Called “stealth hacking,” these subtle attacks try to see your data and processes without alerting anyone that this is occurring. In the world of consumer computing, this may manifest as keystroke-monitoring malware that installs from a malicious download. The hacker hopes to remain undiscovered and gather as much data as possible until the jig is up, or perhaps never be discovered at all. The enterprise world is a bit scarier. The damage that a non-stealth hack can do is easy to define as to risk and cost. According to RiskIQ, in 2019, “Every minute, $2,900,000 is lost to cybercrime, and top companies pay $25 per minute due to cybersecurity breaches.” However, if you don’t know that you’re being monitored, the damages could be 10 times that of an instantaneous attack. Since many stealth hacks go undiscovered, there is no good data on the damages that actually occur. On the top of the list: Insider trading of stock, getting access to sales and other accounting data pre-earnings announcements Pre-audit movement of cash from company accounts Blackmail due to access to HR records The assumption is that this kind of hacking targets on-premises systems which often are being neglected now with the focus on cloud computing. But this problem is likely to move to public clouds as well, if it hasn’t already. Although many would say the public cloud providers are responsible to better protect their customer’s data, the reality is that it’s a “shared responsibility model.” This means the cloud vendor provides you with the tools and procedures to be secure, and it’s up to you to implement them correctly. For instance, if you misconfigure the security for storage buckets in the public cloud and data is accessed, that’s on you. So, what should companies that employ cloud do to minimize the chances that they get stealth hacked? It’s really cloud security 101, including the need to proactively monitor all systems and data stores. This is where management and monitoring tools, such as AIops, come in handy. The core role of these tools is to keep systems healthy and observed, but they can also detect anomalies that may indicate an unwanted guest, such as odd performance behaviors at odd times. However, if the AIops tools are not talking to your security systems then most of this will go unnoticed. I’m just scratching the surface of ways to avoid stealth hacking. Enterprises really need a holistic security strategy that’s systemic to all systems and all points of monitoring. Although these are not easy to set up and are costly to run, the price of dealing with a hack—either stealth or not—is at least 50 times more. Be smart with this stuff. Related content analysis Generative AI won’t fix cloud migration You’ve probably heard how generative AI will solve all cloud migration problems. It’s not that simple. Generative AI could actually make it harder and more costly. By David Linthicum Jul 12, 2024 5 mins Generative AI Artificial Intelligence Cloud Computing analysis All the brilliance of AI on minimalist platforms Buy all the processing and storage you can or go with a minimum viable platform? AI developers and designers are dividing into two camps. By David Linthicum Jul 09, 2024 5 mins Generative AI Cloud Architecture Artificial Intelligence analysis The next 10 years for cloud computing Despite AI's explosive growth, the industry still needs to face facts that customers are unhappy about costs and vendor lock-in. By David Linthicum Jul 05, 2024 5 mins Amazon Web Services Google Cloud Platform Microsoft Azure analysis Serverless cloud technology fades away Serverless was a big deal for a hot minute, but now it seems old-fashioned, even though its basic elements, agility and scalability, are still relevant. By David Linthicum Jul 02, 2024 4 mins Serverless Computing Cloud Computing Software Development Resources Videos