MIT Warns of Ransomware in the Cloud, Weaponized AI
How secure will the cloud be in the coming 12 months? Researchers at MIT are warning about two specific security threats that IT should keep an eye on throughout 2018.
In an article entitled "Six Cyber Threats to Really Worry About in 2018," the MIT Technology Review points to two specific cloud-based threats: ransomware targeting cloud providers and weaponized artificial intelligence.
Ransomware has been an ongoing security headache for the last two years, with attacks such as WannaCry, which infected some 400,000 computers in 150 countries, capturing headlines for their ability to stroke fears about the vulnerability of data, whether it's business related or consumer data. (See Kaspersky Names WannaCry 'Vulnerability of the Year'.)
Now, however, attackers are turning their attention to the cloud.
In the January 2 piece, MIT warns about ransomware targeting large-scale cloud providers, which can host corporate data, as well as more personal, consumer data such as photos.
While the biggest of the big cloud providers, such as Amazon Web Services Inc. , IBM Corp. (NYSE: IBM) and Google (Nasdaq: GOOG), have increased their spending on security, smaller cloud providers without the security resources of these larger firms could prove tempting targets for ransomware attacks.
"But smaller companies are likely to be more vulnerable, and even a modest breach could lead to a big payday for the hackers involved," according to the MIT article.
The other type of attack that is causing concern is the weaponized use of AI, along with machine learning and neural networks.
While some analysts have spoken about using AI to overcome security gaps within the enterprise, MIT views the technology as a double-edged sword. (See Will AI Solve the IT Jobs Shortage?)
Specifically, MIT sees AI being used to create spear phishing attacks, with the technology being used to create thousands of malware-loaded, fake emails at a pace much faster than any human can. MIT also notes:
Hackers will take advantage of this to drive more phishing attacks. They're also likely to use AI to help design malware that's even better at fooling "sandboxes," or security programs that try to spot rogue code before it is deployed in companies' systems.
Cloud is an increasingly tempting target for ransomware and other type of attacks, especially as it continues to grow. A recent analysis of the third quarter of 2017 found that combined infrastructure-as-a-service (IaaS) and platform-as-a-service (PaaS) markets totaled more than $35 billion. (See AWS, Azure Lead $35B+ Public Cloud Market.)
With all that money and data growing, it's little surprise that cyberattacks will turn their attention to the cloud in 2018.Related posts:
- 10 Cloud Stories That Mattered in 2017
- AWS Reportedly Eyeing Deal for Big Data Startup Sqrrl
- HyTrust DataGravity Acquisition Bears Fruit for Cloud Security
- White House Report Calls for Greater Federal Cloud Adoption