{"id":16151,"date":"2026-04-29T09:06:34","date_gmt":"2026-04-29T09:06:34","guid":{"rendered":"https:\/\/newestek.com\/?p=16151"},"modified":"2026-04-29T09:06:34","modified_gmt":"2026-04-29T09:06:34","slug":"aws-leans-on-prior-ingenuity-to-face-future-ai-and-quantum-threats","status":"publish","type":"post","link":"https:\/\/newestek.com\/?p=16151","title":{"rendered":"AWS leans on prior ingenuity to face future AI and quantum threats"},"content":{"rendered":"<div>\n<div id=\"remove_no_follow\">\n<div class=\"grid grid--cols-10@md grid--cols-8@lg article-column\">\n<div class=\"col-12 col-10@md col-6@lg col-start-3@lg\">\n<div class=\"article-column__content\">\n<section class=\"wp-block-bigbite-multi-title\">\n<div class=\"container\"><\/div>\n<\/section>\n<p>As Amazon celebrates the 20th anniversary of its AWS cloud this year, the world\u2019s biggest cloud computing provider now faces two giant cybersecurity threats \u2014 AI and quantum.<\/p>\n<p>How the company will navigate these emerging issues to ensure the security and resilience of systems used by its millions of corporate customers remains an evolving question. 
But senior executives at AWS believe key decisions and innovations the company has made throughout its 20-year run position it to handle these threats.<\/p>\n<p>Here is a look at three key AWS advances and how they factor into what the company and its customers are dealing with as emerging threats now and in the years ahead.<\/p>\n<h2 class=\"wp-block-heading\" id=\"nitro-and-zero-humans-infrastructure\">Nitro and \u2018zero humans\u2019 infrastructure<\/h2>\n<p>When Amazon released Virtual Private Cloud, its networking layer for AWS, in 2009, it was all software.<\/p>\n<p>\u201cNow VPC is implemented in hardware,\u201d says Eric Brandwine, who first came to AWS more than 18 years ago to work on that project and is now a VP and distinguished engineer for Amazon security.<\/p>\n<p>What changed was 2017\u2019s introduction of Nitro, a hardware foundation for networking, security, and the hypervisor that enforces strong isolation between customer instances. Amazon paid more than $350 million for a fabless semiconductor company in 2015 to make the technology shift possible.<\/p>\n<p>\u201cCommercial hypervisors are a mature and appropriate technology but not designed for cloud scale for the kind of multi-tenancy we have,\u201d Brandwine tells CSO.<\/p>\n<p>Nitro also enables Amazon to operate AWS without employees ever touching customer infrastructure. \u201cWith Nitro, there\u2019s no human access to it,\u201d he says. 
\u201cThis is one of the reasons why we\u2019re able to offer bare-metal instances.\u201d<\/p>\n<p>If maintenance is required, all customer content is removed from the machine before employees can get into it.<\/p>\n<p>\u201cAnd we\u2019ve had third parties take a look at this process,\u201d he adds, including NCC Group, which conducted an <a href=\"https:\/\/www.nccgroup.com\/research\/public-report-aws-nitro-system-api-security-claims\/\">architecture review of Amazon\u2019s security claims in 2023<\/a>.<\/p>\n<p>Today, Nitro provides the trust foundation for protecting the company\u2019s quantum-safe encryption keys, for securing the identities of AI agents, for protecting AWS infrastructure against rogue agents, and for providing the confidential compute foundation for AI workloads themselves.<\/p>\n<h2 class=\"wp-block-heading\" id=\"symmetric-cryptography-and-the-quantum-threat\">Symmetric cryptography and the quantum threat<\/h2>\n<p>Back in the early 2010s, most hardware security modules used asymmetric cryptography to protect security keys. Asymmetric cryptography, the kind used to secure online communications, involves pairs of keys \u2014 one to lock, another to unlock. It\u2019s a very useful and convenient approach when dealing with multiple parties.<\/p>\n<p>Amazon chose to use symmetric encryption instead, where the same key is used to both lock and unlock the data, because it\u2019s faster and more efficient.<\/p>\n<p>\u201cOne of the things we did 15 years ago is that to authenticate customers who talk to us, we rely on symmetric cryptography,\u201d says Ken Beer, director of AWS cryptography. 
\u201cAnd the Key Management Service that I helped launch back in 2013, we also said we would rely on symmetric cryptography to protect all the keys.\u201d<\/p>\n<p>Today, over 99.9% of all the encryption of data at rest involves no asymmetric cryptography anywhere in the chain of keys that secure it, he says.<\/p>\n<p>That turned out to be an extremely fortuitous decision.<\/p>\n<p>The reason? Quantum computers are expected to be able to break today\u2019s asymmetric encryption standards \u2014 but symmetric encryption is safe. And quantum computing progress has been moving so quickly of late that both <a href=\"https:\/\/www.csoonline.com\/article\/4150887\/google-the-quantum-apocalypse-is-coming-sooner-than-we-thought.html\">Google<\/a> and <a href=\"https:\/\/www.csoonline.com\/article\/4156822\/cloudflare-actively-adjusting-quantum-priorities-in-wake-of-google-warning.html\">Cloudflare<\/a> have moved up their timelines.<\/p>\n<p>Companies of all sizes are now up against the clock to update their cryptography to quantum-safe algorithms \u2014 unless those algorithms are symmetric.<\/p>\n<p>\u201cWe don\u2019t have to change it, and we\u2019re glad we don\u2019t have to change it,\u201d Beer says. As for all the data stored on Amazon\u2019s servers, the company doesn\u2019t have to decrypt and re-encrypt it with quantum-safe methods. It\u2019s already quantum-safe.<\/p>\n<p>That\u2019s not to say that Amazon doesn\u2019t have any asymmetric encryption anywhere. Communications with untrusted counterparties, or over the public Internet, require it.<\/p>\n<p>AWS is targeting 2028 and 2029 to complete its public-certificate post-quantum authentication \u2014 there\u2019s a delay there because the world still needs to agree on a common set of standards.<\/p>\n<p>\u201cIt\u2019s going to require cooperation between five or ten big vendors,\u201d says Beer. 
\u201cOnce we agree on the method of validating digital signatures, then all the vendors that own different parts of the technology stack will go and implement it.\u201d<\/p>\n<p>Amazon has been a member of the CA\/Browser Forum for over a decade, he says, referring to the industry body that sets the rules for how public key infrastructure works on the Internet. \u201cWe have confidence that we\u2019ll move the industry by 2029.\u201d<\/p>\n<p>AWS customers who use AWS for their cryptographic heavy lifting get post-quantum protection for free without additional effort. Those who have their own asymmetric cryptography, however, will have to do some serious work.<\/p>\n<p>\u201cThere\u2019s potentially a lot of crypto embedded in people\u2019s applications,\u201d Beer says. \u201cCan I find it? Can I change it? Do I have to go talk to some vendor I haven\u2019t talked to in ten years \u2014 or that doesn\u2019t exist anymore?\u201d Those are the kinds of questions enterprise customers should be asking.<\/p>\n<h2 class=\"wp-block-heading\" id=\"s3-security-controls-and-the-shared-responsibility-model\">S3 security controls and the shared responsibility model<\/h2>\n<p>There have been no public instances of AWS Nitro or encryption infrastructure being compromised. The NCC report, as well as other analyst research, shows that it\u2019s working.<\/p>\n<p>But Amazon data breaches are constantly in the news. The reason? 
AWS customers are failing to secure their S3 buckets, leaking credentials, hard-coding keys, and making many other mistakes when managing their environments.<\/p>\n<p><a href=\"https:\/\/www.upguard.com\/blog\/s3-security-is-flawed-by-design\">According to cybersecurity firm UpGuard<\/a>, AWS S3 security is \u201cflawed by design,\u201d with thousands of breaches over the past few years detected by the firm.<\/p>\n<p>\u201cFrom the day that S3 launched, buckets have been secure by default,\u201d counters Brandwine.<\/p>\n<p>That is accurate, UpGuard says \u2014 but AWS makes it too easy to accidentally misconfigure buckets, it concludes.<\/p>\n<p>Brandwine admits there\u2019s an issue here. \u201cIf a customer has a bad day in the cloud, it\u2019s something that they did,\u201d he says. \u201cBut if a bunch of customers have a bad day in the cloud, we need to take a look.\u201d<\/p>\n<p>Say, for example, a company uses an S3 bucket to hold some content and then takes down the bucket \u2014 but there are still web pages, or services, or tools that link to it. Attackers can <a href=\"https:\/\/www.csoonline.com\/article\/3816939\/abandoned-aws-s3-buckets-open-door-to-remote-code-execution-and-supply-chain-compromises.html\">hijack these abandoned buckets<\/a> and use them for malicious purposes.<\/p>\n<p>This is user error \u2014 customers who take down buckets should also take down the links pointing to them. But it happens. And happens frequently.<\/p>\n<p>\u201cSo we built a thing called active defense,\u201d says Brandwine.<\/p>\n<p>When Amazon detects someone trying to use a dictionary attack to guess bucket names, \u201cwe lie to them and say, \u2018Bucket not found,\u2019\u201d he says. \u201cIt makes scanning ineffective and has effectively ended dictionary attacks against S3.\u201d<\/p>\n<p>But the AWS infrastructure is complex, and there are many instances in which enterprise customers can easily set up policies incorrectly. 
And it\u2019s not just customers.<\/p>\n<p>Amazon employees also make mistakes. In CodeBreach, AWS engineers <a href=\"https:\/\/www.wiz.io\/blog\/wiz-research-codebreach-vulnerability-aws-codebuild\">misconfigured AWS\u2019s own systems<\/a>, according to Wiz researchers.<\/p>\n<p>Attackers have always looked for opportunities to <a href=\"https:\/\/www.csoonline.com\/article\/4147148\/the-multi-billion-dollar-mistake-why-cloud-misconfigurations-are-your-biggest-security-threat.html\">exploit misconfigurations<\/a>, weak credentials, and similar customer-side problems. Now, with AI, the risks are greater than ever.<\/p>\n<p>\u201cAI isn\u2019t changing what threat actors do,\u201d says Gee Rittenhouse, VP of security services at Amazon. \u201cIt changes the speed and scale at which they operate. We still see the primary threat vectors, such as phishing and credential compromise, but the exploits are much faster.\u201d<\/p>\n<p>Amazon is also leveraging this technology, he says.<\/p>\n<p>At the end of March, <a href=\"https:\/\/aws.amazon.com\/blogs\/machine-learning\/aws-launches-frontier-agents-for-security-testing-and-cloud-operations\/\">AWS launched<\/a> its AWS Security Agent for on-demand penetration testing and its AWS DevOps agent, which autonomously resolves incidents.<\/p>\n<p>\u201cWe have attacker agents pitted against defender agents, and what used to take a few weeks we\u2019re now able to do in a few hours,\u201d he says.<\/p>\n<p>But there\u2019s another way in which AI is a big emerging threat for Amazon. The AI agents that enterprises are building and deploying on AWS could be the next big breach vector, the new equivalent of unsecured S3 buckets.<\/p>\n<p>Can Amazon take its successes at securing its infrastructure and combine them with the lessons learned from years of S3 bucket breaches to build a security foundation for AI agents?<\/p>\n<p>Rittenhouse says yes. 
And a lot of it comes down to the agent authentication layer and access privileges.<\/p>\n<p>\u201cWe just released a new authentication, the OAuth 2 token exchange,\u201d he says. It\u2019s <a href=\"https:\/\/aws.amazon.com\/blogs\/security\/securing-ai-agents-with-amazon-bedrock-agentcore-identity\/\">part of Amazon Bedrock AgentCore Identity<\/a>, and it involves keeping track of which user the AI agent is acting on behalf of, and what resources it\u2019s trying to access.<\/p>\n<p>\u201cIt evaluates whether the agent can do this before it does it, at the infrastructure layer,\u201d says Rittenhouse. \u201cAnd if it\u2019s no, it\u2019s not allowed to do it then, regardless of the command, or whether it\u2019s hallucinating, or whether it\u2019s been taken over, our infrastructure does not allow that.\u201d<\/p>\n<p>\u201cThat\u2019s the advantage we have,\u201d he adds. \u201cWe go all the way from the infrastructure layer.\u201d<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>As Amazon celebrates the 20th anniversary of its AWS cloud this year, the world\u2019s biggest cloud computing provider now faces two giant cybersecurity threats \u2014 AI and quantum. How the company will navigate these emerging issues to ensure the security and resilience of systems used by its millions of corporate customers remains an evolving question. 
But senior executives at AWS believe key decisions and innovations&#8230; <\/p>\n<p class=\"more\"><a class=\"more-link\" href=\"https:\/\/newestek.com\/?p=16151\">Read More<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-16151","post","type-post","status-publish","format-standard","hentry","category-uncategorized","is-cat-link-borders-light is-cat-link-rounded"],"_links":{"self":[{"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/posts\/16151","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/newestek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=16151"}],"version-history":[{"count":0,"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/posts\/16151\/revisions"}],"wp:attachment":[{"href":"https:\/\/newestek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=16151"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/newestek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=16151"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/newestek.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=16151"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}