‘Chaos engineering’ to reduce cloud computing’s susceptibility to cyberattacks

0
207
'Chaos engineering' to reduce cloud computing's susceptibility to cyberattacks
'Chaos engineering' to reduce cloud computing's susceptibility to cyberattacks

Cybercriminals are growing more adamant, and both the sophistication and frequency of their attacks on cloud computing are rising. Distributed denial of service (DDoS) attacks, which overload an organization’s IT systems with more requests and traffic than they can manage, are one approach these groups commonly use.

Today’s technology relies heavily on cloud computing, which forms the foundation of worldwide connectivity. It enables organizations, governments, and people to use and build cloud-based services and serves as the basis for a wide range of daily systems that we depend on, such as banking, healthcare, transportation, telecommunications, and even streaming services. Similar to any other hardware or software, these systems are vulnerable to unforeseen cyberattacks and malfunctions. Cybercriminals are growing more adamant, and both the sophistication and frequency of their attacks are rising. Distributed denial of service (DDoS) attacks, which overload an organization’s IT systems with more requests and traffic than they can manage, are one approach these groups commonly use.

This prevents authorized customers from using the service, which poses serious issues for businesses in the form of decreased customer loyalty and revenue loss. For businesses like Google and Amazon, which provide cloud computing services to house customers’ data, systems, and services, this problem might pose serious challenges. In our most recent study, we used a number of techniques to demonstrate how stress can actually strengthen cloud computing systems. Adaptive techniques and a technique known as chaos engineering were used to help the system learn from errors and cyberattacks. The cloud computing security startup Cloudflare observed a 65% spike in DDoS attacks in the third quarter of their most recent quarterly research on cybersecurity risks.

Four million DDoS attacks occurred in the second quarter of 2024, according to Cloudflare’s statistics. Businesses that employ cloud-based software are susceptible to outages brought on by a variety of difficulties, including physical server failures and denial of service attacks, in addition to DDoS and other intentional attacks. Sometimes, cloud-based websites can be brought down by something as simple as a misspelling.

On July 19, Windows hosts connected to the Microsoft Azure cloud computing system experienced problems brought on by CrowdStrike’s Falcon sensor, resulting in a worldwide IT outage. There was no cyberattack that affected the Falcon sensor, which was built to fend off cyberattacks. An update’s technical problem was the root cause of the outage. On July 31, an eight-hour outage was brought on by a mistake in Microsoft’s DDoS defenses. in Azure. Dissecting frailty Because of the cloud’s intricacy and numerous dependencies on other systems, including cybersecurity, resolving large-scale outages like this is extremely difficult. Reliable patches might take hours, days, or even longer to implement in some circumstances, like CrowdStrike’s.

These kinds of occurrences highlight the weaknesses in our technological infrastructure as a whole, but especially in cloud-based services. Currently, rather than addressing the underlying issues by building more dependable and robust cloud systems, solutions concentrate on controlling the aftermath of these disasters. Integrating advanced tests of software as normal procedures to evaluate its reliability and resilience under duress is essential to preventing failures. Through our study, we are able to better protect cloud users against these dangers by improving the resilience of cloud computing against significant attacks and disruptions. To become stronger, those cloud systems that are now in operation must also change and learn from past mistakes. We have been intentionally assaulting and experimenting with these cloud-based systems using a method known as chaos engineering software programs—to examine the way the system handles these kinds of threats. We observed in one of our most recent studies that this technique can be applied to improve the accuracy of system reaction time predictions in the event of an assault. In chaos engineering, errors are purposefully introduced into a system, and the outcomes are then measured. This method aids in locating and addressing possible holes and weak points in the architecture, design, and management procedures of a system. Techniques may involve terminating processes or jobs, simulating cyberattacks, injecting errors and latency (a lag in a system’s response to a command), stopping a service, or mimicking changes to the system’s configuration and operating environment. Recently, we introduced errors in our experiments.

We have conducted experiments in which we introduced faults into cloud-based systems in real time to study their behavior in stressful situations like faults or attacks. Our method of determining the maximum stress point of the system involved progressively increasing the strength of these “fault injections.” Our analysis showed that this resulted in a decline in both performance and service availability. Thus, problems that were missed by conventional performance assessments were revealed by these chaos engineering studies. Taking lessons from chaos A fantastic technique for improving software system performance is chaos engineering. However, we must integrate disorder in order to develop what we refer to as “antifragility”—systems that could get stronger under stress and turbulence instead of weaker testing using additional instruments that change systems to make them more resilient to attack. To do this, we have presented an adaptable framework.

This approach, named “Unfragile,” makes use of chaotic engineering to progressively introduce failures and evaluate the system’s reaction to these strains. After that, we present fresh, flexible approaches to close the holes created by chaos engineering. This may involve making changes to the software’s source code to enhance its functionality. Real-time metrics on the system’s performance allow for the early detection and resolution of possible issues, which helps the system become adaptive. These adaptive techniques are used with chaotic engineering to notify operators of vulnerabilities in real-time, allowing them to be fixed. Cloud systems are something we can train to not only tolerate stress but to get stronger from it. By doing this, we can make sure that our vital digital infrastructure grows stronger, more dependable, and equipped to learn from turmoil in order to better handle issues in the future.

Also readAt Jar, we’ve leveraged cutting-edge technology to enhance our platform’s efficiency and user-friendliness, says Nishchay Ag, Co-founder and CEO of Jar

Do FollowCIO News LinkedIn Account | CIO News Facebook | CIO News Youtube | CIO News Twitter 

About us:

CIO News is the premier platform dedicated to delivering the latest news, updates, and insights from the CIO industry. As a trusted source in the technology and IT sector, we provide a comprehensive resource for executives and professionals seeking to stay informed and ahead of the curve. With a focus on cutting-edge developments and trends, CIO News serves as your go-to destination for staying abreast of the rapidly evolving landscape of technology and IT. Founded in June 2020, CIO News has rapidly evolved with ambitious growth plans to expand globally, targeting markets in the Middle East & Africa, ASEAN, USA, and the UK.

CIO News is a proprietary of Mercadeo Multiventures Pvt Ltd.