MIT warns of ransomware in the cloud and weaponised AI
How secure will the cloud be in the coming 12 months? Researchers at MIT are warning about two specific security threats that IT should keep an eye on throughout 2018, reports Enterprise Cloud News (Banking Technology‘s sister publication).
In an article entitled “Six cyber threats to really worry about in 2018” the MIT Technology Review points to two specific cloud-based threats: ransomware targeting cloud providers and weaponised artificial intelligence (AI).
Ransomware has been an ongoing security headache for the last two years, with attacks such as WannaCry, which infected some 400,000 computers in 150 countries, capturing headlines for their ability to stroke fears about the vulnerability of data, whether it’s business related or consumer data.
Now, however, attackers are turning their attention to the cloud.
MIT warns about ransomware targeting large-scale cloud providers, which can host corporate data, as well as more personal, consumer data such as photos.
While the biggest of the big cloud providers, such as Amazon Web Services (AWS), IBM and Google, have increased their spending on security, smaller cloud providers without the security resources of these larger firms could prove tempting targets for ransomware attacks.
“But smaller companies are likely to be more vulnerable, and even a modest breach could lead to a big payday for the hackers involved,” according to the MIT article.
The other type of attack that is causing concern is the weaponised use of AI, along with machine learning and neural networks.
While some analysts have spoken about using AI to overcome security gaps within the enterprise, MIT views the technology as a double-edged sword. Specifically, MIT sees AI being used to create spear phishing attacks, with the technology being used to create thousands of malware-loaded, fake emails at a pace much faster than any human can.
MIT also notes: “Hackers will take advantage of this to drive more phishing attacks. They’re also likely to use AI to help design malware that’s even better at fooling ‘sandboxes’, or security programmes that try to spot rogue code before it is deployed in companies’ systems.”
Cloud is an increasingly tempting target for ransomware and other type of attacks, especially as it continues to grow. A recent analysis of the third quarter of 2017 found that combined Infrastructure-as-a-Service (IaaS) and Platform-as-a-Service (PaaS) markets totaled more than $35 billion.
With all that money and data growing, it’s little surprise that cyberattacks will turn their attention to the cloud in 2018.