Ransomware: coming soon to a cloud near you

Cyber attacks are expected to be designed to either cause immediate disruption to cloud-based systems or to threaten to shut down vital systems to extort money from operators.

Jeff Rowe | Jan 08, 2018 12:00 am

Ransomware targeting cloud services is one of the six biggest cyber threats likely to face organizations in 2018, according to the Massachusetts Institute of Technology

That’s according to an article in the MIT Technology Review, which says that while the recent trend of big data breaches is likely to continue, with organizations that hold personal data topping the target list, ransomware attacks are likely to constitute a new threat for IT systems that have migrated to the cloud.

Cloud computing businesses and their clients are likely targets of ransomware attacks because they typically store huge amounts of data for companies. While the biggest cloud service providers have the resources and experience to make it difficult for attackers to succeed, the article notes smaller cloud providers are likely to be more vulnerable and more likely to pay up if customer data were encrypted and held for ransom.

A related development the article predicts, given the rise of artificial intelligence across healthcare and other sectors, will be increased adoption of machine learning models, neural networks and other AI technologies by cyber attackers.

“AI unfortunately gives attackers the tools to get a much greater return on their investment,” explains Steve Grobman, chief technology officer at McAfee, an IT security firm.

Machine learning can process massive quantities of data and perform operations at great scale to detect and correct known vulnerabilities, suspicious behaviour and zero-day attacks, but the McAfee Labs 2018 threats predictions report warns that adversaries will learn from defensive responses and aim to disrupt detection models and exploit newly discovered vulnerabilities faster than defenders can patch them.