According to CrowdStrike, hackers' use of cloud-focused attacks shows their preference for identity-based techniques, such as credential theft. It gave the example of a threat group it terms Scattered Spider, which during an intrusion targeting a software developer in North America 'escalated privileges by attaching a new administrator access policy to a preexisting cloud user, to which they added a new access key.'
When it comes to future threats, the company predicts cyber crime groups will make full use of powerful, publicly available generative AI tools to speed up their attacks and find new ways of targeting and compromising victims.
One common use of, specifically machine learning, is to perform real-time anomaly detection based on parameters such as login attempts, network traffic, and API calls.
Google Cloud has placed its bets on the more emerging field of generative AI. In a December 2023 blog post, Phil Venables, vice president and CISO at Google Cloud, said: 'For all of its uses, AI is assuredly a cloud security megatre'
Collection
[
|
...
]