The world seems hell-bent on monetizing its own self-created AI hype, and threat actors are hell-bent on exploiting this
The reported growing adoption of AI in data centers has driven the need for greater data storage and higher computational demands for processing capabilities, in turn leading to a surge in demand for data centers globally.
Given their role in running business-critical workloads that power digital economies, it is also a given that data centers are prime targets for cyberattacks.
In June 2024, Indonesia experienced one of its worst cyberattacks in recent years, after ransomware group LockBit targeted a major government data center that was used to store data and run business-critical applications.
This incident underscores the potential of such cyberattacks and how they can cause widespread disruption, which may compromise essential services across sectors worldwide.
Growing cyber risks in the industry
AI applications are progressively being deployed directly on edge devices, where data is generated and processed in real time.
As a result, there is now a growing need for smaller, more distributed data centers to support these localized operations. These distributed data centers have significantly expanded threat surfaces and can create potential security blind spots that opportunistic cybercriminals may exploit, especially if a comprehensive security strategy is not in place.
Safeguarding our data centers hinges upon a combination of key preventative measures.
- Firstly, implementing a robust cybersecurity stack can help strengthen security posture by enabling real-time monitoring, correlation, and alerting capabilities. This is achieved through the collection and analysis of security logs from multiple systems and applications, making it easier for security teams to manage and respond to threats.
- Regular data backups are another essential for quick recovery in case of a ransomware attack, with backups stored securely and disconnected from the main network to prevent encryption. In the case of the Lockbit cyberattack in Indonesia, the lack of backups had resulted in data loss and hampered recovery efforts to rebuild the affected databases.
- Data should be extensively segmented, and advanced cybersecurity solutions could aid in detecting and blocking malicious activities. For instance, Security Information and Event Management systems can provide teams with centralized data collection across the environment, delivering real-time visibility to better detect, analyze, and respond to cyber threats.
- Effective authentication, access controls, and real-time monitoring are also vital in ensuring that data centers remain up and running.
Using AI against AI-driven cyber risks
AI-driven protection is also becoming increasingly crucial as cyber threats grow more complex. The adoption of AI, particularly Generative AI (GenAI), can support organizations to improve understanding of the scope and potential impact of any suspicious activity.
A key enabler of this capability is data modeling, which involves creating structured frameworks to organize and analyze vast amounts of security data. By analyzing security data from different perspectives, organizations can easily detect anomalies when bad actors attempt to access an organization’s environment. By harnessing AI to drive the analysis and detection of threats, security teams can now make more well-informed decisions.
Aside from threat hunting, GenAI is also useful in helping security teams summarize threats and generate reports for incident management. Additionally, it can evaluate and provide recommendations for improving an organization’s security posture. With close collaboration between GenAI and security teams, organizations stand to benefit from rapid detection and response to threats.
Public-private collaborations also matter
Beyond technological solutions, collaborations with cybersecurity experts and government agencies is key for developing effective defense strategies.
Actively sharing information and best practices empowers organizations to stay ahead of emerging threats and improve their response coordination to potential cyberattacks. This collective approach not only strengthens individual defenses but also contributes to a more resilient cybersecurity landscape overall.
No organization, regardless of size or industry, is immune to cyberattacks. Cybersecurity needs to be a top priority for all organizations, and this calls for a combination of secure infrastructure, comprehensive training programs, and skilled IT personnel.
By adopting a proactive approach to cybersecurity and reinforcing their IT infrastructure, organizations can strengthen defenses against evolving cyber threats, and continually maintain their cyber resilience.
