
Hackers Can Now Use AI Tools to Break Into Cloud Accounts Faster Than Ever
A security test showed how criminals can use artificial intelligence to break into cloud storage accounts in just three days using stolen login information.
Source
Dark Reading
Original headline: Lone Attacker Uses AI to Breach AWS Cloud Environment in 72 Hours
Plain-English summary by GetCyberRight. Read the full report at the source above.
A recent security demonstration showed that a single attacker used artificial intelligence tools to break into a major cloud computing environment in just 72 hours. The attacker exploited AI workflows, connected multiple security weaknesses together, and used stolen login credentials to gain access. The attack targeted a customer using Amazon Web Services, one of the largest cloud storage and computing platforms. The attacker was able to demand payment to return access to the stolen data. This affects anyone who stores important files, photos, or documents in cloud services like Amazon Web Services, Google Drive, Microsoft OneDrive, Dropbox, or iCloud.
While this specific incident targeted a business customer, the techniques used can work against personal accounts too. If criminals get hold of your username and password for any cloud service, they can now use AI tools to break in much faster than before.
Your family photos, financial documents, and personal files could be locked and held for ransom.
Stay one step ahead of scammers
Weekly cybersecurity briefings for families. No spam, just the threats that matter and what to do about them.
Take these steps immediately to secure your cloud accounts. First, change the passwords on all your cloud storage services right now. Make each password different and at least 12 characters long. Second, turn on two-factor authentication for every cloud service you use.
This means you will need both your password and a code from your phone to log in. Third, review what files you have stored in the cloud and delete anything you no longer need. Fourth, check the login history on your accounts to see if anyone accessed them from an unfamiliar location. Going forward, never reuse passwords across different services. If criminals steal your password from one breached website, they will try it on your cloud accounts too. Use a password manager to keep track of different passwords for each service. Regularly review which devices and apps have access to your cloud accounts and remove any you no longer use. Back up your most important files in more than one place, not just in the cloud.
Curated from trusted cybersecurity sources by GetCyberRight
Source: Dark ReadingStay ahead of cyber threats
Get our free weekly digest. Real threats, plain language, what to do about them. No spam, ever.
More articles
Payment Company Used in Vending Machines and Kiosks Reports Possible Data Breach
Nayax, a company that processes cashless payments at vending machines and self-service kiosks worldwide, is investigating a breach that may have exposed customer payment card data.
2 min readPayment Company Used by Vending Machines Investigating Possible Breach of 1 Billion Card Records
Nayax, which handles cashless payments at vending machines and self-service kiosks, is investigating claims that hackers stole 1 billion payment card records.
2 min read
Canadian University Data Breach: What Students and Families Should Know
Mount Royal University in Calgary experienced a data breach where hackers stole and deleted files. Students and staff may have personal information exposed.
2 min read
University Data Breach: What Students and Staff Should Know
Mount Royal University in Calgary had student and staff data stolen by hackers. If you're connected to this school, here's what to do.
2 min read