Top 10 Machine Learning Algorithms

Top 10 Machine Learning Algorithms to Know

Top 10 Machine Learning Algorithms Modern advancements in Artificial Intelligence (AI) are set to change our world for the better. These developments have largely been made possible due to technologies such as cloud sharing, data analytics, blockchain, and improved computing power. These technologies have significantly
Seamless Customer Experience for Telecoms: A Practical Approach

Seamless Customer Experience for Telecoms: A Practical Approach

In this age of data and convenience, customers across the globe are getting used to great customer experience from numerous companies. Big names such as Google, Apple, Amazon, and many others lead the way when it comes to ensuring a seamless customer experience. While these

CONTRIBUTORS

A Closer Look at Insider Threats and Sensitive Data in the Cloud

A Closer Look at Insider Threats and Sensitive Data in the Cloud

Sensitive Data in the Cloud A recent survey report conducted by the Cloud Security Alliance (CSA) revealed that  sensitive data ...
Rainmaking From The Cloud - CIOs Struggle To Keep Pace With IT Demands

Rainmaking From The Cloud – CIOs Struggle To Keep Pace With IT Demands

Rainmaking from the Cloud In the digital era, where customers can select virtually anything with a click of a button, ...
The Importance of Cloud Backups: Guarding Your Data Against Hackers

The Importance of Cloud Backups: Guarding Your Data Against Hackers

The Importance of Cloud Backups Cloud platforms have become a necessary part of modern business with the benefits far outweighing ...
How Automation is Changing the Digital Revolution

How Automation is Changing the Digital Revolution

Automated Digital Revolution While the exact moment it began is up for debate (opinions vary wildly on the matter, from ...
Part 2: Strategies for Securing Mobile Devices in a Cloud-based World

Part 2: Strategies for Securing Mobile Devices in a Cloud-based World

Part 2: Strategies for Securing Mobile Devices With workplace mobility now a way of life and companies investing in cloud-based ...
David

The Coming Era of Simple, Fast, Incredibly Cheap Cloud Storage

Cheap Cloud Storage Is On Its Way Data storage, like other commodities such as bandwidth, electricity, or simple computer power, ...
Is 2018 the Tipping Point in Digital Transformation?

Is 2018 the Tipping Point in Digital Transformation?

“Survival, in the cool economics of biology, means simply the persistence of one’s own genes in the generations to follow.” —Lewis ...
Comic
Junaid Islam

Malware Will Cripple Cloud And IoT Infrastructure If Not Contained

The Malware Cloud Concern

This year we’ve had two cyber attacks in which malware was used to cripple government computer systems. Unless counter-measures are deployed, similar malware attacks can be used against cloud and IoT infrastructure.

2017 started with the Shamoon2 cyber attack on Saudi Arabian government systems.  The attack wiped out data on 50,000 compute devices and servers.  More recently a cyber attack against the Ukraine government called NotPetya wiped out data as well as disabled energy management systems.

The destructive power of both malware attacks derived from the difficulty to patch large numbers of compute devices. Thus while the attacks were not “zero-day”, cyber attackers created weapons-grade malware by adding the ability to laterally search for vulnerable systems.

For organizations migrating to the cloud or deploying IoT infrastructure the recent cyber attacks should be a wake up call to the destructive power of malware that can autonomously hunt for targets!

The increasing number of personal compute devices and supply chain partners connecting to enterprise clouds makes universal endpoint protection impossible. Subsequently, malware can find and propagate from infected compute devices to cloud-based applications. Once infected, hosted apps can become malware super spreaders. However as bad as the risk of malware is to enterprises, the risk to IoT systems is even greater.

The new generation of IoT devices has the ability to autonomously communicate locally and globally.  As IoT devices come in hundreds of different variations with specialized software modules, patching IoT systems is far more difficult than personal compute devices.

Infected IoT devices can spread malware from autonomous vehicles and energy management systems to consumer products and cloud computers – and then back again.  A malware attack on billons of networked IoT devices would take months or years to correct.

Biometric Authentication

Fortunately there is a proven counter-measure to weapons-grade malware that is a Software Defined Perimeter (SDP) based application layer access control solution.

Vidder developed an application layer access control solution under the PrecisionAccess brand two years ago.  At that time enterprises with high value intellectual property wanted a counter-measure agianst the Office of Personnel Management (OPM) cyber attack.

The OPM attack utilized stolen credentials in combination with lateral movement to find classified data that was hidden deep in the data center.  To ensure similar attacks didn’t happen again, Vidder developed an access solution that verified identity (to stop credential theft) and then provisioned an application layer tunnel (to stop lateral movement).

Application layer access control protects cloud assets by ensuring only authorized devices are granted connectivity.  Only whitelisted applications on the user’s device are allowed access to a specific port on the application server.  If a hosted app should become infected, application layer connectivity ensures that malware can’t spread from the cloud back to the user’s device.

Similarly application layer access control can protect IoT infrastructure from lateral movement malware by only allowing authorized process-to-process connectivity.  Subsequently malware cannot re-task IoT devices or backend cloud infrastructure.

With cyber attackers now developing malware that can hunt for vulnerable compute devices, we must deploy proven counter-measures to protect cloud and IoT assets.  Application layer access control, such as Vidder’s PrecisionAccess, is a proven counter-measure that should be deployed before disaster strikes.

By Junaid Islam

Junaid Islam

Junaid is the CTO and founder of Vidder which provides distributed access control solutions for large Enterprise and IoT systems. Prior to founding Vidder, Junaid founded Bivio Networks which developed the first Gigabit speed security platform in the industry. Earlier in his career Junaid helped create networking standards such as Frame Relay, ATM and MPLS while at StrataCom and Cisco.

In addition to his technical achievements, Junaid has also made significant contributions to his local community as well as network industry. Junaid was the Human Relations Commissioner of Santa Clara County (Silicon Valley) from 2002 to 2009. Currently Junaid is leading the development of the Software Defined Perimeter (SDP) standard. The Cloud Security Alliance (CSA) awarded Junaid the Ron Knode Award and gave him the title of Research Fellow in recognition of his technical contributions.

View Website

CLOUDTWEAKS COMMUNITY PARTNERS

Each year we provide a number of highly customized branded programs to community support partners and going into our 10th year at CloudTweaks is no different. Sponsorship opportunities will be available for all budgets and sizes including the (premium) thought leadership exposure program or the webinar, podcast, white paper or explainer video lead generation programs.  Contact us for more information on these opportunities.

Cloud Community Supporters

(ISC)²
Cisco
SAP
CA Technologies
Dropbox

Cloud community support comes from (paid) sponsorship or (no cost) collaborative network partnership initiatives.