In recent years, IT has moved to the cloud. But what is called “cloud computing” can present new risks, according to a study. The reason: The computers that make up the cloud have become a hiding place for malware, programs that can hijack or damage someone’s computer or files.
People use “cloud computing” to free up space on their own computers. They can store files containing anything from research data to vacation snapshots. Some people also run programs on devices connected through the cloud, rather than on their own personal machines. This cloud computing therefore allows someone to quickly share files with many other people.
But for all of its advantages, the cloud can have a dark side. That’s a finding of the new study. Malware stored on the devices that make up the cloud can activate – and against you – when you click on certain links on fraudulent websites or when you download an attachment that masks its real intent. These links or attachments will trick the user into linking their computer to files in a cloud where malware is lurking.
“If you’re on a website and you click a button, is that a good button or a bad one?” Christopher Fletcher asks. He is a computer scientist at NVIDIA (En-VID-ee-ah), a technology company in California. The bad news, he warns: âMalware is everywhere. “
Raheem Beyah was part of the new cloud-based malware investigation. This computer engineer works at the Georgia Institute of Technology in Atlanta. He and his colleagues looked for malware in files stored by 20 different companies that store people’s data. These include cloud services owned and operated by Google (like Google Drive) and Amazon.
In total, the researchers polled about 150,000 websites. These sites are linked to cloud repositories. A repository is like a personal locker that stores someone’s files. Every cloud hosting service had repositories containing malware, according to the new study. The researchers analyzed 6,885 repositories and confirmed that 694 contained malware. This meant that the malware was lurking in about one in 10 repositories that had been scanned. They called these dangerous sites “bars”. It is the abbreviation of “bad repositories”.
The story continues below the map.
The malware hackers store in bars is the same type that can infect personal computers, Beyah says. Hackers have simply moved beyond individual machines to infiltrate cloud services, he concludes. Members of his team presented the results of their study on October 24 at an IT security conference in Vienna, Austria.
Users can’t tell the difference between good programs and malware, says Fletcher. That’s why he loves Beyah’s new group study. It has identified malware and now offers advice on how to find and avoid it in the future. In addition, he points out, this new study “sheds light on what malware looks like.”
And this is important because the bars are often disguised. The malware they hold can be fragmented, with items stored in different repositories. Thus, scanning a repository with security software may fail to identify a problem. In addition, many bars contain small computer programs that act as bodyguards. These programs even prevent security scanning software from seeing what’s inside.
But Beyah and her colleagues used this knowledge to their advantage. To find bars, they built a scanner to search for these software bodyguards. Normal deposits don’t have them.
The bodyguards may have hidden bars from other researchers, “but it gave them to us,” Beyah says. Without these bodyguard programs, scientists might have missed bars. For people who store data online or use cloud computing, Beyah offers a few tips. Scan cloud files from time to time using malware detection software. And try to think like a hacker, especially if you have computer skills. âPretend you’re a hacker and find out if there is a way to break into your own site,â he says. “It’s good exercise.”
For now, Beyah is skeptical about the security of cloud computing. As soon as new technology appears, attackers find a way in, he says. That’s why it won’t store files online unless it doesn’t care who sees them or encrypted them before uploading them to the cloud. (Encryption is a way to hide the contents of the file and protect it from hackers.)