AI/ML, AI benefits/risks, Data centers, Exposure management

Attacks on data centers: the biggest threat to the AI boom

(Adobe Stock)

COMMENTARY: AI has become the new critical infrastructure for multiple verticals, and it’s quickly become embedded in the operations of businesses, manufacturing, banking, utilities and government.

The global AI market has the potential to balloon from $294 billion this year to $1.7 trillion by 2032. Soon, every business and sector of society will rely on AI and its underlying infrastructure to function.

[SC Media Perspectives columns are written by a trusted community of SC Media cybersecurity subject matter experts. Read more Perspectives here.]

Missing from the boardroom and top-level discussions: the  computational power driving AI resides in massive data centers that stand as tempting targets for threat actors.

We have seen the devastating impact of attacks on traditional critical infrastructure, from the 2021 Colonial Pipeline ransomware attack that triggered fuel shortages to ongoing attacks on U.S. electric and water utilities.

Recent data shows the growing scope of attacks on this sector. The FBI Internet Crime Complaint Center’s Internet Crime report from April found that more than 4,800 critical infrastructure organizations that reported being affected by data breaches and ransomware attacks.

Meanwhile, Semperis’ recent State of Critical Infrastructure Resilience report surveyed 350 water treatment plants and electricity operators in the U.S. and UK and found that 62% were targeted by threat actors in the past 12 months and 57% of attacks disrupted operations.

Targeting the data centers that power all the AI infrastructure could trigger cascading failures across interconnected systems. When businesses automate everything from supply chain logistics to cybersecurity through AI, taking down a single data center could create a cascading collapse across interconnected systems. It would paralyze the core functions of modern business.

When AI infrastructure becomes the target

In a session at the BSides conference in Las Vegas in August, Emma Stewart of the Idaho National Laboratory and Munish Walther-Puri, adjunct faculty member at IANS Research and New york University's Center for Global Affairs, discussed how energy infrastructure will determine global AI dominance.

While they focused on energy dependencies and geopolitical supply chain risks, there's an equally urgent threat that deserves immediate attention: the cybersecurity vulnerabilities that make data centers prime targets for state-sponsored actors and cybercriminals. Unlike gradual supply chain disruptions or infrastructure strain, cyberattacks could potentially disrupt AI infrastructure in minutes, leading to cascading failures for AI-dependent organizations.

The data centers propelling the AI revolution are incredibly hungry for energy to power them, and thirsty for water to cool them down, which introduces interesting dependencies. When combined with geographic clustering in regions such as Northern Virginia, where AI demand caused power disruptions for other users last summer, the possibilities for localized service interruptions turning into whole-of-economy disruption become considerable.

From a cybersecurity perspective, data centers present multiple attack vectors in one location, while hosting multiple services and applications simultaneously. They house valuable data and control critical business functions, while having to also maintain a robust security posture with respect to the physical systems enabling continued operation.

State-sponsored actors like China's Volt Typhoon have already demonstrated they can embed themselves in critical infrastructure for months without detection, indicating that a skilled, persistent threat actor could potentially dwell within a critical physical environment for an extended period of time before activating a disruptive payload.

How companies can protect AI investments

Companies betting their future on AI can no longer ignore these cybersecurity risks. The industry must make a strategic shift in how it builds and protects this new infrastructure. Here’s what’s needed:  

  • Spread the risk: Stop clustering everything in the same geographic regions and with the same providers. Yes, it costs more to distribute computational resources, but it costs a lot less than losing everything in one coordinated attack.
  • Harden the backbone: The electrical grid, water systems, and telecom networks supporting these data centers need serious investment and protection. This means advocating for federal and state policies that incentivize grid modernization and prioritize cybersecurity protections for utility providers that serve these vital hubs.
  • Secure operational technology: Follow CISA's updated guidance on protecting industrial control systems. That means know what OT devices the organizations runs have, keep them patched, and separate them from IT networks.
  • Plan for extended outages: Build contingency plans that work when AI services disappear for days or weeks, not hours. Have alternative decision-making processes ready.

The disruption scenarios range from annoying to catastrophic. Best case: chatbots go offline and productivity tools stop working. Worst case: companies lose access to AI-dependent security systems, leaving them defenseless, or find their business processes paralyzed.

The AI boom has created incredible opportunities, but it's built on an infrastructure that's dangerously vulnerable. We have the technology and expertise to secure it. The big question: will we act now, or wait until a catastrophic attack forces our hand.

Joe Slowik, director, cybersecurity alerting strategy, Dataminr

SC Media Perspectives columns are written by a trusted community of SC Media cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.

An In-Depth Guide to AI

Get essential knowledge and practical strategies to use AI to better your security program.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds