UPDATED 15:01 EST / SEPTEMBER 19 2024

Charles DeBeck, threat intelligence strategy lead at Google Cloud, at Google, talks to theCUBE about serverless architecture at mWISE 2024. SECURITY

How serverless architecture is reshaping cybersecurity defenses in a new threat landscape

Today’s cybersecurity environment is changing rapidly. Punctuated by the move toward serverless architecture, the technology presents operational opportunities and unprecedented security challenges.

As businesses continue to embrace serverless, security professionals are sounding the alarm, urging organizations to recognize the growing threats in these environments, according to Charles DeBeck (pictured), threat intelligence strategy lead, Google Cloud, at Google LLC.

“It’s interesting because, from a threat actor perspective, we’re not seeing a ton of activity here just yet, but we have started to see them looking at this space as a potential avenue for exploitation,” he said. “Realistically, it’s tougher to get into serverless environments in some ways because it’s just not as common. It’s not something that they use as often, but we have historically seen examples of threat actors wrapping traditional malware in a way so it could be taken advantage of in a serverless environment.”

DeBeck spoke with theCUBE Research’s John Furrier and Savannah Peterson at mWISE 2024, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed the evolving tactics of threat actors and the challenges of compliance and collaboration, exploring how cybersecurity professionals must stay vigilant and proactive in addressing these emerging threats. (* Disclosure below.)

The opportunities and risks in securing serverless architecture

While praised for its scalability and efficiency, serverless architecture presents new security risks. Traditional malware could be adapted to target these environments. The challenge arises when organizations lack visibility into these systems or fail to implement proper security protocols, making it difficult to detect potential threats, according to DeBeck.

“The key concepts of identity access management and making sure that you have permission and configuration in place is the same as what we see in other parts of cloud environments,” he said. “But from serverless, a key component here is that scalability from compute resources can be very sudden and dramatic. And we can see that an infection can go from a small thing to a huge thing much faster than potential other parts of cloud environments.”

In essence, the ability of serverless systems to scale up quickly can be a double-edged sword. Once they gain access, threat actors can exploit this rapid scalability, turning a small breach into a major incident.

Additionally, there’s been a change in the manner of approach threat actors employ — they’ve shifted from encryption to exfiltration.  In the past, cybercriminals would encrypt data and demand ransom for decryption keys. However, as encryption techniques and defenses have become more sophisticated, threat actors now favor a simpler, more lucrative approach: data theft.

“It turns out encryption is tough, and also decryption is very challenging,” he said. “And so you run into this issue as a threat actor. Should I do an encryption effort and then have to make a decrypter and then have to sell it back to them and they may not want to buy it? That’s a lot of work. Or should I take all their data and then say, ‘I’m going to post this on the internet.'”

Here’s the complete video interview, part of SiliconANGLE’s and theCUBE Research’s coverage of mWISE 2024

(* Disclosure: Google Cloud Security sponsored this segment of theCUBE. Neither Google Cloud Security nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU