It can be extremely difficult to tell if a computer is compromised by malware. Left undetected and undeterred, a compromised computer may be sharing all the data within it with cybercriminals. This can go on for weeks or months, offering untold amounts of company data to bad actors.
One revolutionary new type of computing attempts to solve the question, "What do you do with a computer that's already compromised?" Termed "confidential computing," this puts the process of encryption beyond the software and down into the hardware itself.
How does confidential computing work?
Confidential computing relies on a trusted execution environment (TEE), which is a special component inside the CPU. This unit has encryption keys built within that can only be accessed by explicitly authorized application code. If malware or any other kind of unauthorized code tries to access these hardware-based encryption keys, the computation is immediately halted.
This process works because all data needs to be unencrypted in the computer's memory before it can be processed in an application. All applications are controlled by the operating system (OS), but the TEE is completely separate from this and can't be affected by applications. Without confidential computing, malicious code can intercept this data the instant the code is activated.
The TEE in the CPU inserts an extra step before the OS sees the data. This protects the data by storing it in memory until the application instructs the TEE to decrypt it. Before the TEE decrypts the data, it is totally independent of the OS. And because malware is application-based and requires the OS to function, it's impossible for any malicious code to access the data until the TEE gives the go-ahead to the application.
Through this process, it is physically infeasible for inputted data to be accessed by malicious code. While confidential computing runs in the cloud, not even the owners of the cloud who provide the TEE have access to the encryption keys.
Is confidential computing the future of cybersecurity?
Felix Schuster, CEO of the upstarting confidential computing company Edgeless Systems, believes confidential computing will eventually become mainstream in businesses as a solution to malware-based cybercrime. Edgeless Systems' cloud computing solution called Constellation already works with popular web services such as Microsoft Azure and Google Cloud Platform.
Schuster has reasons to be optimistic. Cloud computing is rapidly being adopted by companies whose data security is vital to their operations. Some European countries that deal in e-health are required by law to use confidential computing.
If Schuster is correct, according to research firm Everest Group, confidential computing could become a $54 billion industry by 2026. Cybercriminals will have to find another way to get to company data without relying on malware.