Coordinated kinetic escalation on February 28, 2026, has intensified a regional cyber threat environment in which Iranian state-sponsored groups and allied regional actors have a documented history of pre-positioning inside Western defense, finance, and technology networks. CloudSEK’s research found over 100 exposed credential sets and 80+ publicly accessible MLOps deployments that permit unauthenticated access to training data, models, and cloud storage credentials, highlighting an urgent need to secure MLOps infrastructure. #MLOps #APT34
Key Points
- Geopolitical escalation has immediate cyber effects: Iranian APTs (APT34, APT33, MuddyWater, APT35) historically pre-position inside Western defense, financial, and technology networks prior to conflicts.
- The regional threat landscape is layered and includes Hamas-affiliated (MOLERATS, Gaza Cybergang), Hezbollah-linked, Houthi-aligned actors, and opportunistic Russian and Chinese APT groups with strategic monitoring and influence objectives.
- MLOps platforms are a weakly defended enterprise category: CloudSEK identified over 100 exposed credential sets and more than 80 publicly accessible MLOps deployments in 48 hours of scanning.
- Exposed MLOps access yields control-plane capabilities — training datasets, trained models, pipeline configs, experiment histories, and cloud storage credentials — not just a single application breach.
- Attacks against MLOps can be stealthy and nontraditional: no malware or exploits are required, and malicious activity can mimic legitimate engineers, making detection difficult and sabotage likely to appear as model drift.
- Security leadership must prioritize infrastructure questions: internet accessibility of MLOps, authentication controls, credentials in repos, use of short-lived role-based cloud credentials, and rigorous logging/monitoring of dataset and artifact access.
MITRE Techniques
Indicators of Compromise
- [Credentials] exposed credential sets tied to MLOps and cloud integrations – “over 100 exposed credential sets”, cloud storage credentials embedded in MLOps, and other exposed keys discovered by CloudSEK.
- [Public MLOps deployments] internet-facing, unauthenticated platforms – “more than 80 publicly accessible MLOps deployments”, open dashboards with no authentication.
- [Repository artifacts] secrets and config files in code repositories – credentials found in public GitHub repositories, and CI/CD pipeline configuration files containing embedded keys.
- [Cloud integration keys] static or long-lived cloud keys used by training pipelines – static cloud storage keys and absence of short-lived role-based credentials noted as a risk.
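A defender-side check for the repository and static-key items above, added here as an example and not taken from CloudSEK's report: it audits a team's own CI/CD pipeline config for embedded literal secrets and separates long-lived key IDs from temporary ones. It assumes AWS-style key IDs (`AKIA` for long-lived IAM user keys, `ASIA` for temporary STS keys); the sample config and all function and variable names are constructed for illustration.

```python
import re

# Assumption: AWS-style key IDs. "AKIA" marks a long-lived IAM user key,
# "ASIA" a temporary STS session key.
KEY_ID = re.compile(r"\b(AKIA|ASIA)[A-Z0-9]{16}\b")
# A "name: value" or "name=value" pair whose name looks like a secret.
SECRET_ASSIGN = re.compile(
    r"\b([\w.-]*(?:secret|token|password|api_key)[\w.-]*)\s*[:=]\s*[\"']?([^\s\"'#]+)",
    re.IGNORECASE,
)
# Values that point at a secret store or environment variable, not literals.
REFERENCE = re.compile(r"^(\$\{\{.*|\$\{?\w+\}?)$")

# Constructed sample: a CI job for a training pipeline (not from the report).
SAMPLE = """\
# constructed CI job for a training pipeline
train:
  env:
    AWS_ACCESS_KEY_ID: AKIAIOSFODNN7EXAMPLE
    AWS_SECRET_ACCESS_KEY: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
    TRACKING_TOKEN: ${{ secrets.TRACKING_TOKEN }}
    ARTIFACT_BUCKET: s3://example-bucket/models
  script:
    - python train.py
"""


def audit_pipeline_config(text):
    """Return (line_no, severity, finding) tuples for one config file's text."""
    findings = []
    for no, line in enumerate(text.splitlines(), 1):
        if line.lstrip().startswith("#"):
            continue  # skip comment lines
        key = KEY_ID.search(line)
        if key:
            if key.group(1) == "AKIA":
                findings.append((no, "high", "static long-lived access key ID"))
            else:
                findings.append((no, "medium", "temporary STS key ID committed to file"))
            continue
        pair = SECRET_ASSIGN.search(line)
        # A literal value is a finding; a reference to a secret store is not.
        if pair and not REFERENCE.match(pair.group(2)):
            findings.append((no, "high", f"literal value for {pair.group(1)}"))
    return findings


if __name__ == "__main__":
    for finding in audit_pipeline_config(SAMPLE):
        print(finding)
```
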
Read more: https://www.cloudsek.com/blog/ai-infrastructure-as-a-strategic-target-in-modern-cyber-conflict