Cyber Threats Predicted To Emerge In 2019

In the digital age in which we live, cyber threats are not going away. I have said it time and time again cyberwarfare is here to stay, and the tactics continue to grow in sophistication. Which means the tactics for detecting and preventing attacks must stay ahead of the criminals.

As those businesses that have survived the threats and hacks, and those who have been spared any threats prepare to put another year behind them, they will have a whole new crop of threats to detect and t attempt to prevent in the coming year. I’ll review some of the tactics that are predicted to wreak havoc and keep those of us in the cyber security world very busy.

Both Sides Using AI

The fact is that both, the good guys and the bad guys use AI. But, typically speaking AI is invented and advanced by the good guys, which keeps them at least a step ahead of the bad guys. With that in mind, the following are a few trends identified by Fortinet.com that we in the cybersecurity sector will be looking for and anticipating.

AI Fuzzing tops the list. Fuzzing is a sophisticated technique generally used in lab environments by professional threat researchers to discover vulnerabilities in hardware and software interfaces and applications. They do this by injecting invalid, unexpected, or semirandom data into an interface or program and then monitoring for events such as crashes, undocumented jumps to debug routines, failing code assertions, and potential memory leaks. Though using fuzzing to discover zero-day vulnerabilities has, so far, been beyond the scope of most cybercriminals, as AI and machine learning models are applied to this process it will become more efficient and effective. As a result, the rarity of zero-day exploits will change, which in turn will have a significant impact on securing network devices and systems. https://www.fortinet.com/blog/industry-trends/predictions–ai-fuzzing-and-machine-learning-poisoning-.html

Continual Zero-Days: While a large library of known exploits exists in the wild, our cyber adversaries are actually only exploiting less than 6% of them. However, to be effective, security tools need to be watching for all of them as there is no way to know which 6% the criminals will use. Also as the volume of potential threats continues to grow, performance requirements will continue to escalate as the scope of the potential exploit landscape continues to expand. To keep up, security tools will need to be increasingly more intelligent about how and what they look for. https://www.fortinet.com/blog/industry-trends/predictions–ai-fuzzing-and-machine-learning-poisoning-.html

According to darkreading.com, “While there are some frameworks like zero-trust environments that may have a chance at defending against this reality, it is fair to say that most people are not prepared for the next generation of threats on the horizon — especially those that AI-based fuzzing techniques will soon begin to uncover.” They also state that, “Traditional security approaches, such as patching or monitoring for known attacks, will become nearly obsolete as there will be little way to anticipate which aspect of a device can be potentially exploited. In an environment with the possibility of endless and highly commoditized zero-day attacks, even tools such as sandboxing, which were designed to detect unknown threats, would be quickly overwhelmed.”

https://www.darkreading.com/endpoint/5-emerging-trends-in-cybercrime/a/d-id/1333363

Be Prepared For The Next Wave Of Cybercrime

Is your business prepared for the next wave of cybercrime? We are passionate about your information security program. We work with businesses of all sizes from government and military to high-tech firms, retail and manufacturing. Please feel free to contact VORAS Consulting if you need confidential consultations to make the move towards the most secure business.

 

Staying Alive In The Age Of Cyberattacks

If your businesses are to stay alive and prosper during this age of cybercriminal activity in which cyberattacks occur at the rate of 158,727 per hour, 2,645 per minute and 44 every second of every day, your cybersecurity has to be top-notch. Cybersecurity is a non-stop battle between AI algorithms and various other strategies. So far, the good guys have managed to stay slightly ahead, by a nanosecond or two!

A couple of strategies we in the cybersecurity world use to keep cybercriminals scrambling include Deception Strategies and Unified Open Collaboration. Of course both of these strategies must be part of a solid overall cybersecurity system.

Deception strategies have been in use for some time. However, as the sophistication of cyberattacks increases this method is becoming essential. The way deception strategies work is by creating too many choices for an attacker. Most of the choices are dead ends, forcing the hackers to slow down and potentially give away their position. As has been said by the experts at Fortinet.com, “If you can generate enticing traffic from a large number of databases, and only one of them is real, attackers will have to slow down to evaluate each data source and potentially even chase down each option.” https://www.fortinet.com/blog/industry-trends/predictions–ai-fuzzing-and-machine-learning-poisoning-.html

What makes this strategy so effective is that it makes it easier to detect the cybercriminal’s position. That makes it more expensive for them to try to stay ahead.

One of the easiest ways cybercriminals continuously avoid detection and are able to maximize their investment is by making minor changes to their malware. It can be as simple as changing an IP address. While this may help them avoid detection by traditional security tools, the strategy of Unified Open Collaboration is making it more difficult for the criminals to stay ahead. This involves open and active sharing of threat intelligence which exposes the tactics used by attackers. This keeps cybercriminals scrambling. They always have to make more complicated and expensive changes to their attack tools, codes, and solutions.

Once again, according to Fortinet, a leader in threat research, “As these Unified Open Collaboration forums expand, organizations will soon also be able to apply behavioral analytics to live data feeds to predict the future behavior of malware, making the digital marketplace safer for everyone.”

https://www.fortinet.com/blog/industry-trends/predictions–ai-fuzzing-and-machine-learning-poisoning-.html

Is your business prepared to survive and thrive despite the barrage of cyberattacks? We are passionate about your information security program. We work with businesses of all sizes from government and military to high-tech firms, retail and manufacturing. Please feel free to contact VORAS Consulting if you need confidential consultations to make the move towards the most secure business