How to get protected from Zero-day attacks

From WannaCry to NotPetya and other malware, the IT world, and the world itself, has entered a period of vulnerability. However, while the majority of viruses, Trojans and other nasty pieces of code can be easily stopped with an up-to-date operating system and anti-malware, a special type of vulnerability leaves systems open to attack: the zero-day.

What is a zero-day attack?

A zero-day is an undisclosed software vulnerability that hackers can use to launch an attack on a computer, a network, data, apps or other computers. Basically, think of a zero-day as an unlocked back door that a thief can use to enter your premises. It’s called zero-day because it leaves no time for the coders to correct the software before a villain can exploit the breach and launch an attack.

Because patching a system, that is, modifying the source code to close the back door, can take some time, there is a window of opportunity for any hacker to launch an attack. Of course, you may ask why software vendors do not close doors as soon as they know they are open. There are multiple reasons for this. First, it can take time to correct the piece of software, since the fix can have an impact on multiple functionalities that require thorough testing. Then, once the patch is released, users may not apply it immediately, leaving a lot of systems unpatched and exploitable. Some vendors release patches on fixed dates, leaving the door open until the patch is applied. Finally, a zero-day sometimes remains unknown to the vendor, as it can be seen as a real weapon by some governments.

Exploiting the zero-day vulnerability

Once a zero-day is known, it can be exploited. This can take many forms, depending on the type of breach and on the type of software that has the zero-day. However, this generally translates into leaving a piece of code on the infected machine or modifying the existing code so the hacker has access to the infected machine. In all cases, the idea of the hacker is to “take ownership” of the machine and its resources.

We are seeing more and more of two main types of exploits: ransomware and spyware. Ransomware encrypts your data and asks for a ransom to give you access back. Spyware collects your data as you use your computer and can get your identities and passwords to access your bank accounts and any other private information. In all cases, this malware aims at getting something from you, from information to identity, from money to compute power.

How to get protected?

Of course, the first thing you may ask yourself is how to get protected from something you do not know about? Well, there are many ways since we are dealing with computer security. Although hackers are very clever and attacks are more sophisticated, a simple set of good practices will get you protected from most problems.

  1. Update your software on a regular basis. This sounds obvious, and it can sometimes lead to catastrophic failures, as in the case of Petya, which corrupted the software update mechanism of a given software, but it is the first step to generally increase protection. This is particularly important for operating systems (mostly Windows, Mac OS, Chrome and Linux on computers; Android and iOS on phones), browsers and apps that rely on internet connections.
  2. Use anti-malware that protects you against zero-day exploits and detects breaches. Modern antivirus and anti-malware can detect most zero-days by strengthening the security of the PC (for instance, requiring that your normal identity does not have admin rights), monitoring any unsolicited modification to executable files and preventing rogue links and attachments from being used. And always check links and attachments before clicking on them. A PDF file with a .exe extension is not a PDF!
  3. React rapidly to any exploit. If your system has been compromised, follow the recommendations from your software provider. Sometimes it’s just a matter of patching your system; sometimes it requires a complete reinstallation.
  4. Backup, backup, backup. The simple and effective procedure against data loss is to back up your data. A word of caution, though, with services like OneDrive, Dropbox or Google Drive. While those services are great for synchronizing your local files with their cloud copies, a compromised system can sometimes replicate the rogue files to the cloud, infecting the copies. So a real backup, whether local or remote, made on a regular basis provides the best protection against potential data losses.
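The attachment advice in point 2, as an added example that is not part of the original article: a Python check that flags names like the "PDF with a .exe extension" and compares the claimed extension with the file's leading bytes. The extension lists, function names and sample files are assumptions constructed for illustration.

```python
import os

# Extensions Windows will execute or hand to a script host (partial list, an assumption).
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".pif", ".js", ".vbs", ".lnk"}
DOCUMENT_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".png", ".txt"}
# Leading "magic" bytes of a few common formats.
MAGIC = [(b"MZ", "windows-executable"), (b"%PDF-", "pdf"),
         (b"PK\x03\x04", "zip-container"), (b"\x89PNG", "png"), (b"\xff\xd8\xff", "jpeg")]
# Format each extension should contain.
EXPECTED = {".pdf": "pdf", ".docx": "zip-container", ".xlsx": "zip-container",
            ".png": "png", ".jpg": "jpeg", ".exe": "windows-executable"}


def sniff(head: bytes) -> str:
    """Return the format implied by the first bytes, or 'unknown'."""
    for magic, kind in MAGIC:
        if head.startswith(magic):
            return kind
    return "unknown"


def check_attachment(name: str, head: bytes) -> list[str]:
    """Return the reasons an attachment looks deceptive (empty list = none found)."""
    findings = []
    clean = name.strip().rstrip(". ").lower()  # Windows ignores trailing dots/spaces
    stem, ext = os.path.splitext(clean)
    inner_ext = os.path.splitext(stem)[1]
    if ext in EXECUTABLE_EXTS and inner_ext in DOCUMENT_EXTS:
        findings.append("double-extension")
    kind = sniff(head)
    if kind == "windows-executable" and ext not in EXECUTABLE_EXTS:
        findings.append("executable-content-under-document-name")
    elif ext in EXPECTED and kind != EXPECTED[ext]:
        findings.append("content-does-not-match-extension")
    return findings


# Constructed samples: (file name, first bytes of the file).
SAMPLES = [
    ("invoice.pdf", b"%PDF-1.7\n"),
    ("invoice.pdf.exe", b"MZ\x90\x00"),
    ("report.pdf", b"MZ\x90\x00"),
    ("photo.jpg", b"\xff\xd8\xff\xe0"),
]

if __name__ == "__main__":
    for name, head in SAMPLES:
        print(f"{name!r}: {check_attachment(name, head) or 'ok'}")
```

An empty result only means none of these particular checks fired; it does not mean the file is safe to open.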

Zero-day exploits will become more and more frequent, and getting protected is crucial. It’s not rocket science, as you can see above, but it requires a good process and discipline. Start today; do not wait for the next attack to happen. If you are in a company, talk to your IT department to understand what processes and procedures are in place to prevent zero-day attacks. And finally, avoid as much as possible outdated software that is no longer supported by its vendor; it is the best target for exploits!

5 questions to answer to choose your first cloud workload

Here you are facing the Cornelian dilemma: cloud or not? However, it’s most probable that the choice has already been made. Cloud it is! Do. Or do not. There is no try. Thus spoke Yoda in the Empire Strikes Back. And Cloud it is. Do! The Cornelian dilemma is therefore not to decide to go, but what to send to the cloud. Which application, workload or virtual machine shall go first. To help you in that choice, let’s answer five simple questions.

1. Is the app accessed through a smartphone/tablet?

Look at how the application/workload/server is accessed. If some users are accessing it from a public internet connection, outside of the office, the cloud could be a serious option. It could deliver better service by freeing resources on your uplink while allowing you to decrease your risk exposures by leveraging security features of your cloud provider.

2. Does the app require scaling?

Scaling means different things to different people, but the idea revolves around variable demand for compute power. Think of a payroll system. It’s used mostly at the end of the month to process pay slips and then goes almost idle. This means most of the time you need very little power, and then extra power. However, if you run your own infrastructure, you need to scale it for the peak. By moving this workload to cloud services, you pay for the extra power only when you need it and not as an asset that sits idle in your data center most of the time.

3. Is an upgrade necessary?

You reach a point where you need more CPU, more storage, more memory, more network, or just brand new servers because the ones you are using are coming to end of life. Moving to the cloud will allow you to choose exactly what you need and to upgrade at will, being a click away from any extra capacity you need.

4. Is a necessary feature only available in the cloud?

You want to implement a new feature, whether some AI or special security capabilities for instance, and after thorough research, the only viable way is cloud services. However, the application that will be leveraging this feature sits in your data center. By moving this application to cloud services, you shift the bandwidth usage potentially to the end user and not to the app itself.

More and more advanced workloads will be available only through cloud services, for obvious reasons of scale. Tapping into global intelligence can help get the right information on time.

5. Is speed to market an intrinsic requirement?

Business is requiring faster time to market for new solutions, whether it is to go faster than the competition or just to answer market needs. Setting up new services on premises requires hardware and software acquisition, development of the solution and setup in the existing infrastructure. By choosing a cloud infrastructure, you can:

  • develop and test at will, including scaling up and down to test various configurations;
  • go in production faster by choosing the right servers/containers;
  • upgrade on a constant basis without having to worry about fitting in the existing infrastructure.

When you look at your current IT landscape, and at each of your applications/workloads/servers, the ones that get a yes to one of the previous questions are candidates for the journey to the cloud. The last point to consider among those apps is dependencies. Some apps are autonomous, some depend on others. The best candidate to go to the cloud first is the one that has the fewest dependencies. This sounds like common sense; however, it will considerably ease your task.

Why not going cloud is suicidal

Out of the 500 top companies in 1955, 87% have today disappeared! Why? They just did not embrace change fast enough. This is what is going to happen to your company if it has not yet embraced cloud technologies. Cloud is pervasive. From paying your taxes to liking your friend’s pictures. From booking your plane tickets to finding the next dinner’s recipe. From storing your emails to hosting your banking applications. Cloud is everywhere.

Now, if you happen to work in a company, ask your IT guy where the servers, the data and the applications are. In the company’s data center (or server room) or somewhere in the cloud? Whatever the answer, ask the same guy if you can access all the company applications anywhere, anytime, on any device, and listen carefully to the answer. If it’s a no, your company is living in the 20th century and may disappear in the near future, outpaced by a faster and leaner competitor. If it’s a “no but pretty soon yes”, then you are on the right path.

What is the cloud?

Ask 10 different people the above question, and they’ll come up with 10 different answers. I like the “official answer” from the National Institute of Standards and Technology: “Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.” Okay, not the simplest answer that exists, but the most complete and precise. Take a moment to read the definition slowly. Done? Ready for my definition?

The cloud is all about accessing data, applications and services from the internet, without having to manage the necessary infrastructure. You need mail? Subscribe to a mail provider. You need payroll? Subscribe to a payroll provider. You need a payment mechanism? Subscribe to a third-party payment provider, and so on, and on, and on. Basically, when you need an app or a service, you do not purchase servers, storage, network and software; you subscribe to the necessary service through a service provider. In the end, you do not own any IT but some desktops and internet bandwidth.

Why go to the cloud?

Again, ask 10 different people the above question and you’ll get 10 different answers. I’d rather provide an answer around the 5 main characteristics of the cloud as defined, again, by the National Institute of Standards and Technology:

  1. On demand. Cloud services are on demand, pay per use… More and more people do not own cars anymore but use Uber or other similar services. Much less costly and much more flexible in the end!
  2. Universal access. All you need is an internet connection and voilà! No need to create a VPN, to set up a dedicated line, and to manage those lines. All you need is internet access, secured of course!
  3. Resource pooling. The resources (servers, storage, network, apps, etc.) are shared by all users and are allocated based on usage and needs. Therefore, you may have instantaneous access to a very vast array of resources without having to purchase them.
  4. Elasticity. Because cloud offers on demand resource pooling, you can access a lot of compute power for a short period and release it when you do not need it. Think about the sales spike at Christmas for a retailer for instance.
  5. Measured service. Everything you do is measured and billed. Therefore, you know exactly how much your IT costs, almost per user or per department. This allows precise ROI calculation and internal billing mechanisms.

All this without having to use your hard-earned money on purchasing and maintaining an IT infrastructure. As a parallel, think about electricity. Do you have your own electric plant? Probably not (except if you are in Nigeria, but this is another story)! Same for IT. Cloud provides cost efficiency, flexibility and offers services that would be very difficult and costly to deliver on premises.

Why not going now is committing corporate suicide?

Still not convinced that the cloud is the way to go? Scared by horrible stories about the NSA, WikiLeaks or Edward Snowden? Let me tell you something very simple: as soon as you connect any piece of equipment to the internet, one way or another, it is at risk of being breached.

Using cloud technologies is generally the best way to heavily secure any data, app or service in a much better way than you can do on premises. I will cover security in a following post, since it has become a very hot topic. Now, what if you are still not convinced? Think about why you are committing corporate suicide if you are not going to the cloud right now:

  1. Your competitors are going to the cloud and are getting leaner. They will be able to lower their price or provide more services, making you irrelevant. This is already happening in every industry.
  2. Your employees are watching what’s happening elsewhere and will leave. Whether millennials, X or Y generations, everybody realizes how fast you can do things if you have the right online tools. Not having them in the corporate environment is a big no-no!
  3. Your customers will look for more service, faster, better, cheaper. And delivering those services with a good return on investment is only possible with pervasive technologies.
  4. Your capacity to innovate will slow down. Thyssen Krupp does not sell elevators anymore; they provide lift services. How different is it? They are using cloud technologies and the Internet of Things to increase security, reduce breakdowns and provide better uptime.

Employees, customers, operations and innovation are the four pillars of any company, private or public. If you cannot increase employee and customer satisfaction, decrease operations costs while enhancing operations effectiveness, and deliver faster and better innovation, you are on the path to becoming obsolete!

And now?

It’s not too late! Even if you are still scratching your head about what to do, you can embrace cloud technologies and reap all their benefits. How? Pick up your phone. Yes, your nice smartphone, the one you are posting pictures on Facebook with! Pick it up and have a look at all the apps that are running on this phone. All of them are powered by the cloud. You trust them. You use them daily. Which of them is the equivalent of an app you are using for your corporate work? Mail, file sharing, travel booking? Pick one, just one, and ask yourself what would be necessary to move this corporate application to cloud services.

Consider the additional benefits you will get, the cost reduction you will enjoy (take all the costs into consideration) and the management simplification from the back-end perspective, then commit to a date! Cloud may not be the solution for everything, but it is slowly becoming one. Banks are moving their core banking to cloud services. Insurance companies are running actuarial calculations with cloud compute power. Large and small companies are throwing their datacenters away. Don’t be a dinosaur. Remember, birds are the evolution of some dinosaurs. Do you want to become a soaring eagle or a decaying triceratops? The choice is yours!

