This article is part of our Essential Guide: Containing ransomware outbreaks now a top infosec priority

Ransomware to hit cloud computing in 2018, predicts MIT

Ransomware targeting cloud services is one of the six biggest cyber threats likely to face organisations in 2018, according to the Massachusetts Institute of Technology

While the trend of big data breaches is set to continue, with organisations that hold personal data topping the target list, ransomware aimed at cloud services is likely to be a new development, the MIT Technology Review predicts.

Cloud computing businesses are likely targets of ransomware attacks because they typically store huge amounts of data for companies.

While the biggest and oldest cloud service providers such as Google, Amazon, and IBM have the resources and experience to make it difficult for attackers to succeed, the MIT Review points out the smaller cloud providers are likely to be more vulnerable and more likely to pay up if customer data were encrypted and held for ransom.

Although 2017 has seen the emergence of an AI-driven arms race, with artificial intelligence (AI) being used by cyber attackers and defenders alike, MIT predicts that 2018 will see greater adoption of machine learning models, neural networks and other AI technologies by cyber attackers.

Machine learning can process massive quantities of data and perform operations at great scale to detect and correct known vulnerabilities, suspicious behaviour and zero-day attacks.

However, the McAfee Labs 2018 threats predictions report warns that adversaries will certainly employ machine learning themselves to support their attacks, learning from defensive responses, seeking to disrupt detection models and exploiting newly discovered vulnerabilities faster than defenders can patch them.

Machine learning models can also match humans in generating convincing phishing emails, but can do it at scale, and attackers could use AI to help design malware that can circumvent malware detection software.

To win this arms race, McAfee believes organisations must first augment machine judgment and the speed of orchestrated responses with human strategic intellect. Only then, according to the security firm, will organisations be able to understand and anticipate the patterns of how attacks might play out, even if they have never been seen before.

Cyber threat predictions

Cyber-physical attacks have long been a concern and first hit the headlines on 23 December 2015, when cyber attacks plunged half the homes in Ukraine’s Ivano-Frankivsk region into darkness for several hours.

But such attacks are becoming more common and MIT predicts that more cyber attacks targeting electrical grids, transportation systems and other types of national critical infrastructure are likely in 2018.

Cyber-physical attacks are expected to be designed to either cause immediate disruption or to threaten to shut down vital systems to extort money from operators. MIT also predicts that 2018 will see researchers and attackers uncovering cyber vulnerabilities in older planes, trains, ships and other modes of transport.

Another trend expected to continue and expand in 2018 is the hijacking of computing power to mine cryptocurrencies by solving complex mathematical problems. According to security firm Malwarebytes, it blocked 11 million connections to cryptocurrency mining sites in a single day in 2017.

MIT warns that cyber attackers hijacking computers for cryptocurrency mining could have a devastating effect if they target computing resources at hospitals, airports and other similar locations.

Read more about cloud security

  • Amazon CISO shares secrets to building secure cloud products.
  • Cloud likely to be top cyber attack target, says McAfee.
  • Research highlights cloud security complacency in organisations that ditch on-premise tech.
  • Public sector IT buyers could be duped into paying more than they need for cloud systems because of confusion over the levels of protection required for data they create and process.

Finally, another threat that is expected to continue and expand in 2018 is cyber attacks aimed at influencing democratic elections. It is widely accepted that Russian-speaking attackers targeted voting systems in 21 US states ahead of the 2016 presidential election.

Despite efforts to address vulnerabilities ahead of the midterm elections in November 2018, MIT warns that determined attackers still have plenty of potential targets, including electronic voter rolls, voting machines and the software usxed to collate and audit results.

In June 2017, it emerged that online voting is being held back in the UK because of fears that cyber criminals could influence the results, with 40% of UK voters concerned about the issue, according to a survey just ahead of the UK elections.

“Claims that Russian hackers had some influence on last year’s US presidential elections have sparked a wave of scepticism around the safety of electronic voting here in the UK,” said Pete Turner, consumer security expert at Avast, which carried out the survey.

In the light of the European Union’s (EU’s) General Data Protection Regulation (GDPR) compliance deadline on 25 May 2018, big data breaches are likely to be the top priority for any organisation that handles the personal data of EU citizens, with fines of up to €20m or 4% of global revenue, whichever is greater.

Data brokers who hold information about things such as people’s personal web browsing habits are likely to be among the most popular targets for compromise, MIT warns.

Read more on Hackers and cybercrime prevention