This 2019, Fortinet shares its predictions for the realm of cybersecurity.
Many criminal organizations evaluate attack techniques in terms of effectiveness and the overhead required to develop, modify, and implement them. To maximize revenue, they are responding by adopting mainstream strategies like agile development to produce and refine attack software and reduce risk and exposure.
With this in mind, the defensive response is to make changes to people, processes, and technologies that impact the economic model of attackers. For instance, adopting new cybersecurity strategies such as learning machines and automation to harden the attack surface with updates and patches. Another technique is to identify threats, forcing criminals to shift attack methods.
Fortinet predicts that cybercriminals will adapt to these methods and that the cybersecurity industry will need to closely follow.
Prediction #1: Using fuzzing to mine for zero days
Fuzzing is a technique used to discover vulnerabilities in hardware and software interfaces and applications. Since it is a sophisticated technique, only a few people can develop and run fuzzing tools.
However, the reality is that there is an incalculable number of vulnerabilities that could be discovered and exploited in commercially available software and OS right now with fuzzing tech. There simply aren’t enough purpose-built fuzzing tools and developers available to discover them.
Prediction #2: AI Fuzzing (AIF)
Applying AI and machine learning models to fuzzing will enable it to become more efficient and effective. While black hat criminals may develop and train fuzzing programs, AIF is used as a tool that could be pointed at a target and automatically mine it for Zero-Day exploits.
Additionally, Zero-Day Mining as a Service will change the way organizations approach security since there is no way to anticipate where Zero-Days are located.
Prediction #3: Swarm-as-a-Service
Scientists in Hong Kong have developed natural swarm behaviors that control clusters of nanorobots. The same innovation can be used to create swarms of intelligent bots that operate collaboratively and autonomously. Ultimately, as exploit technologies and attack methods evolve, these impact the economic models employed by the cybercriminal community.
Right now, the criminal ecosystem is very people driven. But with Swarms-as-a-Service, the amount of interaction of interaction between a hacker-consumer and a black hat entrepreneur drops.
Prediction #4: Poison Machine Learning
Machine learning is one of the most promising tools in the defensive security toolkit. With devices and systems that can be trained to perform tasks autonomously, machine learning can effectively baseline behavior and apply analytics.
Poison machine learning process can either outthink or outperform a machine learning-enhanced system or simply target the machine learning process itself. For example, an attacker compromises a system and injects instructions to not apply patches or updates, leaving it vulnerable.
Machine learning models regularly use data such as crowd-sourced and social media data, as well as user-generated information. Because of this, cybercriminals can use malicious samples to poison training sets to ignore threats and introduce Trojans. Machine learning resources and protocols are carefully monitored and protected as a security measure.
Responding with a New Defense Strategy
To address these challenges, the cybersecurity community will need to change traditional security approaches. For example, use Deception to create too many choices for attackers. They may also open a unified collaborations such as the Cyber Threat Alliance.
To learn more, visit www.fortinet.com