Ransomware to hit cloud computing in 2018, predicts MIT Technology Review

Supported By:

Net Patrol International Inc.  Data Investigation and Forensic Services
Bankruptcy and Insolvency Trustees

While the trend of big data breaches is set to continue, with organizations that hold personal data topping the target list, ransomware aimed at cloud services is likely to be a new development, the MIT Technology Review predicts.

Cloud computing businesses are likely targets of ransomware attacks because they typically store huge amounts of data for companies.

While the biggest and oldest cloud service providers such as Google, Amazon, and IBM have the resources and experience to make it difficult for attackers to succeed, the MIT Review points out the smaller cloud providers are likely to be more vulnerable and more likely to pay up if customer data were encrypted and held for ransom.

Although 2017 has seen the emergence of an AI-driven arms race, with artificial intelligence (AI) being used by cyber attackers and defenders alike, MIT predicts that 2018 will see greater adoption of machine learning models, neural networks and other AI technologies by cyber attackers.

Machine learning can process massive quantities of data and perform operations at great scale to detect and correct known vulnerabilities, suspicious behaviour, and zero-day attacks.

However, the McAfee Labs 2018 threats predictions report warns that adversaries will certainly employ machine learning themselves to support their attacks, learning from defensive responses, seeking to disrupt detection models and exploiting newly discovered vulnerabilities faster than defenders can patch them.

Machine learning models can also match humans in generating convincing phishing emails but can do it at scale, and attackers could use AI to help design malware that can circumvent malware detection software.

To win this arms race, McAfee believes organizations must first augment machine judgment and the speed of orchestrated responses with human strategic intellect. Only then, according to the security firm, will organizations be able to understand and anticipate the patterns of how attacks might play out, even if they have never been seen before.

Read the full story over Computer Weekly.

This story was summarized by Canadian Fraud News Inc.