Service Provider Cloud

MIT Warns of Ransomware in the Cloud, Weaponized AI

How secure will the cloud be in the coming 12 months? Researchers at MIT are warning about two specific security threats that IT should keep an eye on throughout 2018.

In an article entitled "Six Cyber Threats to Really Worry About in 2018," the MIT Technology Review points to two specific cloud-based threats: ransomware targeting cloud providers and weaponized artificial intelligence.

Ransomware has been an ongoing security headache for the last two years, with attacks such as WannaCry, which infected some 400,000 computers in 150 countries, capturing headlines for their ability to stroke fears about the vulnerability of data, whether it's business related or consumer data. (See Kaspersky Names WannaCry 'Vulnerability of the Year'.)

(Source: StockSnap via Pixabay)
(Source: StockSnap via Pixabay)

Now, however, attackers are turning their attention to the cloud.

In the January 2 piece, MIT warns about ransomware targeting large-scale cloud providers, which can host corporate data, as well as more personal, consumer data such as photos.

While the biggest of the big cloud providers, such as Amazon Web Services Inc. , IBM Corp. (NYSE: IBM) and Google (Nasdaq: GOOG), have increased their spending on security, smaller cloud providers without the security resources of these larger firms could prove tempting targets for ransomware attacks.

"But smaller companies are likely to be more vulnerable, and even a modest breach could lead to a big payday for the hackers involved," according to the MIT article.

The other type of attack that is causing concern is the weaponized use of AI, along with machine learning and neural networks.

While some analysts have spoken about using AI to overcome security gaps within the enterprise, MIT views the technology as a double-edged sword. (See Will AI Solve the IT Jobs Shortage?)

Keep up with the latest enterprise cloud news and insights. Sign up for the weekly Enterprise Cloud News newsletter.

Specifically, MIT sees AI being used to create spear phishing attacks, with the technology being used to create thousands of malware-loaded, fake emails at a pace much faster than any human can. MIT also notes:

Hackers will take advantage of this to drive more phishing attacks. They're also likely to use AI to help design malware that's even better at fooling "sandboxes," or security programs that try to spot rogue code before it is deployed in companies' systems.

Cloud is an increasingly tempting target for ransomware and other type of attacks, especially as it continues to grow. A recent analysis of the third quarter of 2017 found that combined infrastructure-as-a-service (IaaS) and platform-as-a-service (PaaS) markets totaled more than $35 billion. (See AWS, Azure Lead $35B+ Public Cloud Market.)

With all that money and data growing, it's little surprise that cyberattacks will turn their attention to the cloud in 2018.

Related posts:

— Scott Ferguson, Editor, Enterprise Cloud News. Follow him on Twitter @sferguson_LR.

kq4ym 1/9/2018 | 12:58:24 PM
Re: warning Lookin at the worst that can happen, the scenario is indeed a bit scary if in fact that as noted cloud providers and others find "AI being used to create spear phishing attacks, with the technology being used to create thousands of malware-loaded, fake emails at a pace much faster than any human can."
Ariella 1/3/2018 | 9:22:17 AM
warning well that's not exactly reassuring, though it fits a bit with Elon Musk's warnings about AI a few months back.
Sign In