MIT Warns of Ransomware in the Cloud, Weaponized AI

Scott Ferguson
Scott Ferguson
Scott Ferguson, Managing Editor, Light Reading
1/3/2018



How secure will the cloud be in the coming 12 months? Researchers at MIT are warning about two specific security threats that IT should keep an eye on throughout 2018.

In an article entitled "Six Cyber Threats to Really Worry About in 2018," the MIT Technology Review points to two specific cloud-based threats: ransomware targeting cloud providers and weaponized artificial intelligence.

Ransomware has been an ongoing security headache for the last two years, with attacks such as WannaCry, which infected some 400,000 computers in 150 countries, capturing headlines for their ability to stroke fears about the vulnerability of data, whether it's business related or consumer data. (See Kaspersky Names WannaCry 'Vulnerability of the Year'.)

Vulnerable?
(Source: StockSnap via Pixabay)
Vulnerable?
(Source: StockSnap via Pixabay)

Now, however, attackers are turning their attention to the cloud.

In the January 2 piece, MIT warns about ransomware targeting large-scale cloud providers, which can host corporate data, as well as more personal, consumer data such as photos.

While the biggest of the big cloud providers, such as Amazon Web Services Inc. , IBM Corp. (NYSE: IBM) and Google (Nasdaq: GOOG), have increased their spending on security, smaller cloud providers without the security resources of these larger firms could prove tempting targets for ransomware attacks.

"But smaller companies are likely to be more vulnerable, and even a modest breach could lead to a big payday for the hackers involved," according to the MIT article.

The other type of attack that is causing concern is the weaponized use of AI, along with machine learning and neural networks.

While some analysts have spoken about using AI to overcome security gaps within the enterprise, MIT views the technology as a double-edged sword. (See Will AI Solve the IT Jobs Shortage?)


Keep up with the latest enterprise cloud news and insights. Sign up for the weekly Enterprise Cloud News newsletter.


Specifically, MIT sees AI being used to create spear phishing attacks, with the technology being used to create thousands of malware-loaded, fake emails at a pace much faster than any human can. MIT also notes:

Hackers will take advantage of this to drive more phishing attacks. They're also likely to use AI to help design malware that's even better at fooling "sandboxes," or security programs that try to spot rogue code before it is deployed in companies' systems.

Cloud is an increasingly tempting target for ransomware and other type of attacks, especially as it continues to grow. A recent analysis of the third quarter of 2017 found that combined infrastructure-as-a-service (IaaS) and platform-as-a-service (PaaS) markets totaled more than $35 billion. (See AWS, Azure Lead $35B+ Public Cloud Market.)

With all that money and data growing, it's little surprise that cyberattacks will turn their attention to the cloud in 2018.

Related posts:

— Scott Ferguson, Editor, Enterprise Cloud News. Follow him on Twitter @sferguson_LR.

Like what we have to say? Click here to sign up to our daily newsletter
(2)  | 
Comment  | 
Print  | 
RSS
Copyright © 2019 Light Reading, part of Informa Tech,
a division of Informa PLC. All rights reserved.
Privacy Policy | Cookie Policy | Terms of Use