Cloud security risks are escalating as AI adoption grows, with experts warning of emerging threats and vulnerabilities in AI-powered systems. A recent attack on an Amazon Bedrock-linked AI gateway has highlighted the risks associated with concentrating access to cloud identities, permissions, and foundation models in a single, highly privileged system.
What Happened
The attack, which ended with the deployment of cryptomining malware, exposed a bigger risk for enterprises: AI gateways that centralize model access, identities, and cloud privileges, making them valuable targets. Researchers from cybersecurity firm Darktrace found that attackers compromised an AWS EC2 instance acting as a LiteLLM proxy for Amazon Bedrock, eventually deploying XMRig cryptomining malware, along with attempts to abuse cloud identities and AI services.
Why It Matters
The attack is consistent with past cloud attack techniques, but the use of AI gateways raises new concerns. "Strip off the AI branding and this is a cloud intrusion pattern we've been watching since at least 2018: SSH open to the internet, brute-force attempts, a commodity XMRig miner, and repeated connections to a mining pool," said experts. The bigger concern is that AI gateways centralize access to sensitive information, making them a high-value target for attackers.
What Experts Say
"The objective of Cyber Shield is to build a national-scale, collaborative approach to agentic cyber defence, using frontier AI to identify, reduce and resolve our national cyber risk," said the UK's National Cyber Security Centre (NCSC). The agency warns that AI is already helping attackers perform activities such as vulnerability discovery and reconnaissance "at a much greater scale and faster pace," reducing the time available for defenders to respond.
Key Facts
- Who: UK's National Cyber Security Centre (NCSC)
- What: Unveiled AI-powered Cyber Shield to counter attacks at machine speed
Background
The use of AI in cybersecurity is growing rapidly, with the global AI in cybersecurity market valued at $44 billion in 2026 and projected to reach $213 billion by 2034. However, the focus on AI-powered security solutions has also highlighted the importance of proper data architecture. "Fixing the algorithm without fixing the data is like recalibrating a scale while the input keeps changing," said experts.
What Comes Next
As AI adoption continues to grow, security risks are likely to escalate. Experts warn that enterprises must prioritize proper data architecture and security controls to mitigate these risks. The UK's NCSC has unveiled Cyber Shield, an AI-powered cyber defence system, to counter attacks at machine speed. Other organizations are likely to follow suit, and the development of AI-powered security solutions will continue to be a key area of focus in the coming years.
What to Watch
- The development of AI-powered security solutions and their adoption by enterprises
- The growing importance of proper data architecture in mitigating security risks
- The impact of AI on the cybersecurity landscape and the need for new security controls and protocols.