Malware in the cloud: detecting and mitigating threats in GPU-accelerated environments


These days, some hosting providers allow you to rent physical GPUs rather than purchasing high-performance chips yourself. While that’s a good thing for your budget, allowing you to direct your resources towards project development, it may come at the cost of trust.

If you’re going to be building your next AI, machine learning, or other project on a rented server within a GPU-accelerated environment, you need to know that the service provider is doing everything to keep you safe.

At Cybernews, my team of experts and I have already explored the methods that major hosting brands like Liquid Web use to protect their customers. With new and advanced malware that’s often based on AI models, the real question is whether service providers can even keep up. We’ll address the matter of security below, as well as expand on exact detection and mitigation steps.


What is a GPU-accelerated environment?

Unlike conventional setups that rely on CPUs for processing and computations, GPU-accelerated environments lean on GPUs for enhanced computational performance. For instance, many hosting providers now offer cloud-based infrastructures enhanced by bare metal servers and enterprise-grade chips such as the NVIDIA H100, ensuring higher performance and reliability.

As a result, you can turn days or even weeks of work into hours, whether it’s video rendering, content creation, or AI/ML that you’re working on. Sadly, these resources are often turned against the user. Modern cybercriminals have ways of exploiting the high performance of GPUs to run the malicious software and viruses that plague GPU-accelerated environments.

How cyber criminals target GPU cloud environments

As I’ve already mentioned, cyber criminals have found new ways of exploiting high-performance environments for their gain. Here’s how they do it in most cases:

  • Cryptojacking: This one might seem harmless for the end user, as cyber criminals use malware to steal the resources of the GPU to mine crypto for their own gain. While they wouldn’t be stealing anything from you or the server in this case, you might start spotting severe performance drops and a lack of computational power from the GPU. Still, the worst thing for the end user is the risk of not noticing such an action in the first place. Most users are unaware of the background mining taking place, which can lead to significant performance loss, higher electricity consumption, and even system overheating.
  • Enhanced DDoS attacks: Distributed Denial of Service (DDoS) attacks are common today, and most internet users have grown accustomed to them. However, basic DDoS protection tools won’t keep you safe from advanced, GPU-accelerated DDoS attacks. This way, criminals could obtain your system passwords, crack personal or company details, and even train their own AI models with the goal of compromising your environment, increasing the chance of ransomware.
  • AI malware: I saved the worst possible outcome for last, and it’s having to deal with AI-enhanced malware. As if regular DDoS attacks and viruses weren’t enough, GPU-accelerated environments are particularly prone to malicious AI software running through self-learning models, making it increasingly difficult to defend against such threats.

How to identify malware in GPU cloud systems

Now that you’re aware of the risks, it’s time I discussed the main detection strategies. Thankfully, some cloud service providers handle such issues internally with their dedicated security systems and staff.

  • Check how system resources are being used: First things first, you can use dedicated tools for performance and resource monitoring. Such tools allow you to establish base performance metrics and identify common computational loads. So, whenever there’s a discrepancy in the readings, you’ll have a clear sign that something isn’t right.
  • Analyse the traffic: Another helpful solution is to analyse the traffic, especially when it comes to shady outbound connections. Based on the network traffic patterns, you can identify malware and inspect data packets to find the culprit.
  • Employ behavioral analysis tools: One of the best ways to tackle enhanced malware in GPU-accelerated cloud environments is through behavioral analysis tools. Such tools allow you to predict even sophisticated threats like AI malware or zero-day exploits, and the best thing is that most of them keep improving in accuracy through machine learning algorithms. In other words, you’d pretty much be using cyber criminals’ techniques against them.
  • Focus on containerization: A sophisticated security threat requires an equally advanced solution. So, you can use tools that deal with such threats by inspecting containerized data and the files embedded in each container.
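
The baseline-and-discrepancy check from the first tip above, sketched in Python as an added example (it is not code from Cybernews or Liquid Web). It assumes readings are collected with nvidia-smi's CSV query output; the sample readings, process paths, allowlist and threshold parameters are constructed for illustration.

```python
import csv
import io
import statistics

# Constructed samples in the CSV shape produced by:
#   nvidia-smi --query-gpu=timestamp,utilization.gpu,power.draw --format=csv,noheader,nounits
BASELINE = """2025/01/10 02:00:00.000, 2, 70.1
2025/01/10 02:01:00.000, 4, 71.3
2025/01/10 02:02:00.000, 3, 70.8
2025/01/10 02:03:00.000, 5, 72.0"""
OBSERVED = """2025/01/11 02:00:00.000, 4, 71.0
2025/01/11 02:01:00.000, 97, 310.4
2025/01/11 02:02:00.000, 98, 312.9
2025/01/11 02:03:00.000, 99, 315.2
2025/01/11 02:04:00.000, 96, 309.8
2025/01/11 02:05:00.000, 5, 72.2
2025/01/11 02:06:00.000, 95, 305.0"""
# Constructed: nvidia-smi --query-compute-apps=pid,process_name,used_memory --format=csv,noheader,nounits
APPS = """4121, /usr/bin/python3, 18234
9917, /tmp/.cache/worker, 2210"""

def parse(text):
    """Split nvidia-smi CSV text into rows of stripped fields."""
    return list(csv.reader(io.StringIO(text), skipinitialspace=True))

def threshold(baseline_text, k=3.0, floor=10.0):
    """Baseline mean utilization plus a margin of k std devs (at least `floor` points)."""
    utils = [float(r[1]) for r in parse(baseline_text)]
    return statistics.mean(utils) + max(k * statistics.pstdev(utils), floor)

def sustained_anomalies(observed_text, limit, min_run=3):
    """Return (first_ts, last_ts) for each run of >= min_run samples above limit."""
    runs, current = [], []
    for ts, util, _power in parse(observed_text) + [["end", "-1", "0"]]:  # sentinel closes last run
        if float(util) > limit:
            current.append(ts)
            continue
        if len(current) >= min_run:
            runs.append((current[0], current[-1]))
        current = []
    return runs

def unexpected_apps(apps_text, allowed):
    """Return (pid, path) for GPU compute processes whose binary name is not allowlisted."""
    return [(int(pid), path) for pid, path, _mem in parse(apps_text)
            if path.rsplit("/", 1)[-1] not in allowed]

if __name__ == "__main__":
    print(sustained_anomalies(OBSERVED, threshold(BASELINE)), unexpected_apps(APPS, {"python3"}))
```

A single high reading (the 95% sample) is ignored on purpose: only load that stays above the baseline for several consecutive samples is reported, together with any GPU process you did not expect to be running.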

How Liquid Web handles cloud malware protection

Besides these pieces of advice that you can apply yourself, I’d also recommend leaning on safety systems integrated in the cloud environment itself. For that, you’ll need a reputable and renowned provider, so I went ahead and checked what Liquid Web has in store for you:

| GPU hosting provider | Security solution | Explanation |
|---|---|---|
| Liquid Web | Imunify360 PLUS | Select Liquid Web plans include the advanced Imunify360 PLUS toolkit, which provides a layered approach to malware protection through web app firewalls, intrusion detection systems, and integrated antivirus solutions. |
| Liquid Web | ServerSecure PLUS | Offers an enhanced security add-on that reinforces the server’s firewall and control panel and blocks malicious actions. |
| Liquid Web | ThreatDown EDR | Liquid Web provides an AI-driven endpoint protection system obtained through its partnership with Malwarebytes. |
| Liquid Web | Multi-Engine Antivirus | The service offers integrated premium antivirus solutions, such as ESET for Windows or ClamAV for Linux. |

Mitigation and prevention steps

If you’d like to keep your computational power up and reduce the chance of having to deal with stolen data or ransomware, I’ll lead you through a few mitigation and prevention steps. Naturally, such activities are also performed by the service provider itself, but it can’t do any harm to know the following protection tips yourself:

Monitor your system in real-time

To keep your cloud environment spotless, you should focus on real-time security monitoring. This includes utilizing endpoint detection and response (EDR) tools that are particularly effective in protecting GPU-accelerated cloud environments.

If you choose the right tool for the job, not only will it be able to detect malicious activity within the cloud, but it will also do the rest of the work for you. That includes an automatic quarantine for potential threats, as well as response solutions.


Focus on backup and recovery

If you want to feel completely safe and protected from threats like ransomware, you should consider automated backup solutions. This is especially important when developing a complex machine learning or an AI model.

Cyber criminals might try to steal your model and then charge you to give it back. With backups in place, you’ll at least feel safe in case anyone tries such malicious tactics. Plus, you should focus on recovery methods to ensure that you’ll be able to make full use of the backup.

Do proper patch management

Another highly effective way to protect your cloud environment is to keep all your software up to date. You can rely on automated patch installation tools that keep all of the software in a cloud system updated to the latest version.

This way, you can remove the chance for cyber criminals to find a security breach in the existing software. Automated patch management is especially important when you are between software versions.

Testing your system for vulnerabilities

Along with system monitoring and behavioral traffic analysis, it’s also worth doing frequent vulnerability checks. Through these, you can get actionable insights into potential security breaches and the weak spots of your security system as a whole.

This is especially important when it comes to managed cloud services. For instance, Liquid Web uses a unique vulnerability scanner, which assesses your system’s exposure to advanced malware threats and viruses.

It also generates monthly vulnerability reports that you can use to improve the overall security. Naturally, you’d also get some custom tips and pointers specific to GPU-accelerated environments, which are worth their weight in gold in today’s online world. Always pick cloud service providers with the right set of features for vulnerability testing.


Anti-malware features of managed cloud services

Managed cloud service providers prepare for potential malware attacks in advance, which is why they’re so beneficial as a choice. You can get way more value from their integrated security features when compared to utilizing personal safety tools. Here’s what companies like Liquid Web bring to the table in that sense:

  • Expert security management: Unless you’re a cybersecurity expert, you won’t get anywhere near the level of major cloud service providers in terms of security management. All the solutions are internal, which means they’re also used for testing and mitigating risk and malware attacks for other GPU-accelerated environments. In other words, they’re experienced at what they do, so you can count on their safety solutions hitting the spot.
  • Regulatory compliance with industry standards: Some integrated security systems, such as Imunify360 PLUS, go well beyond malware protection as a whole. They ensure that your system is equipped with security measures that comply with regulatory standards.
  • Scalable solutions for your company: Finally, cloud server providers also focus on providing scalable security solutions. In other words, they utilize frequent updates and focus on delivering the best security features according to your scale of operations.

The increasing role of zero-trust systems

Because of the rising number of malware and virus attacks on GPU-accelerated cloud systems, zero-trust models have become the go-to option for most users. This type of architecture assumes that no user or system is deemed trustworthy until authentication comes into play.

I’ve seen providers like Liquid Web featuring such solutions with consistent authentication and verification policies. While this significantly lowers the risk and your system’s exposure, it also makes the system itself a bit tougher to use.

Closing thoughts

Ultimately, it all boils down to finding the service provider that ticks all the boxes in terms of GPU-accelerated cloud system security. The biggest issue is that GPU-accelerated systems are growing and evolving rapidly, which means they’re getting increasingly complex to keep safe from harmful software and viruses.

For that purpose, advanced hosting providers like Liquid Web stand out as your best option. They’ve got entire teams of support experts at your disposal, and neat features like monthly vulnerability reports and integrated safety solutions outweigh their cost by a wide margin.

The bottom line is this: it’s possible to keep a GPU-accelerated cloud system safe even from the most advanced malware attacks. The trick is finding providers that tick all the boxes, from the latest infrastructures to expansive security toolkits.
