AI Is Accelerating Cloud Cyberattacks, Google Warns

Artificial intelligence is accelerating cyberattacks in the cloud, according to a new security report from Google. Researchers found that threat actors are exploiting vulnerabilities faster than ever, with the time between vulnerability disclosure and widespread exploitation shrinking dramatically, from weeks to just days. 

The report highlights how AI tools are helping attackers automate reconnaissance, vulnerability scanning, and exploit development. As a result, cybercriminals can identify weaknesses in enterprise systems and launch attacks at unprecedented speed. 

One of the most significant findings is that third-party software has become the primary target for cloud attacks. Core cloud infrastructure from providers such as Amazon Web Services, Microsoft, and Google Cloud is typically well protected. Instead, attackers increasingly focus on vulnerable open-source libraries, developer tools, and external software components integrated into enterprise systems. 

In one example cited in the report, attackers began exploiting a critical vulnerability in React Server Components within 48 hours of public disclosure. Another case involved a vulnerability in the XWiki platform that allowed attackers to execute remote code on servers after organizations failed to apply available patches. 

Attackers are also shifting their focus toward identity-based attacks rather than brute-force password attempts. The report notes that 21% of cloud intrusions involved compromised identities, while another 21% exploited trusted relationships with third-party vendors. Social engineering tactics such as phishing and voice-based scams continue to play a major role in these attacks. 

In many cases, attackers remain undetected for extended periods. The report found that 45% of cloud intrusions resulted in data theft without immediate extortion attempts, allowing attackers to maintain stealthy access to corporate systems. Therefore, security experts warn that organizations must deploy automated defenses to match the speed of AI-powered attacks. Specifically, companies should patch third-party software quickly and strengthen identity and access management. In addition, they must monitor networks for unusual activity and maintain a clear incident response plan. Ultimately, as AI reshapes both defense and cybercrime, businesses must assume attackers will move faster and prepare accordingly.

Source: 

https://www.zdnet.com/article/google-cloud-threat-report-third-party-software-ai-attacks/