The future: Hacker AI and IoT ransomware?Thursday, November 30, 2017
The future could be about to get a lot nastier, as ransomware evolves to incorporate new business models, according to researchers looking ahead to 2018.
Additionally, as the abilities and maturity of machine learning deep learning, and artificial intelligence (AI) improve, an arms race between hackers and security professionals is inevitable, according to the industry experts.
They went on to predict that attackers will increasingly employ machine learning to learn from defensive responses, disrupting detection models, and exploiting new vulnerabilities faster than defenders can patch them.
“To win this arms race, organisations must effectively augment machine judgment and the speed of orchestrated responses with human strategic intellect. Only then will organisations be able to understand and anticipate the patterns of how attacks might play out, even if they have never been seen before”, said the McAfee Labs 2018 Threats Predictions Report.
Certainly, reaching a crescendo buzz in 2017, machine learning has been widely touted throughout the security industry, and has been integrated into everything from anti-virus to analytics - including High-Tech Bridge’s own Immuniweb. Evaluating machine learning from a customer point of view has therefore become increasingly difficult, but ever more important as cybercrime evolves.
Ilia Kolochenko, CEO, High-Tech Bridge said: “Cybercrime has become a well organised and mature industry. While law enforcement agencies struggle with a lack of qualified personnel and budgets, cybercrime is developing its own ecosystem, with clear hierarchy, segmentation and coordination between different types of digital crimes.
“Many cybersecurity companies are inclined to more about their profits, or new investments, rather than their customers. Meanwhile, cybercriminals start using machine learning and big data technologies to better profile their victims and increase profits. Cybercriminals have access to the brightest minds that understand how to maximise profits, reduce risks and remain undetected.”
The McAfee report picked out traditional ransomware as a declining threat in 2018, as vendor defences, user education, and industry strategies improve, but emphasised that the danger was still high. The hackers will undoubtedly ‘pivot’, said the analysts, applying the principles and technology behind ransomware to target more profitable areas such as cyber sabotage and disruption of organisations. This drive will spawn new variations of cybercrime “business models,” but also begin to seriously drive the expansion of the cyber insurance market, summarised the report.
Another area of concern is serverless apps, which may reduce costs but also increase attack surfaces for organisations, being vulnerable to attacks exploiting privilege escalation and application dependencies, as well as old-school DDoS. In order to mitigate this: “Function development and deployment processes must include the necessary security processes, scalability capabilities must be made available, and traffic must be appropriately protected by VPNs or encryption”, predicted McAfee.
Kolochenko continued to warn that future threats would still require businesses to get the basics right: “Companies often blindly increase their spending on cybersecurity, however, they end up spending on inappropriate or irrelevant solutions. A comprehensive and up to date inventory of all digital assets (i.e. software, hardware, users, data and licenses) is the essential first step to developing a cybersecurity strategy. Once done, a holistic risk assessment can help prioritise tasks and assure that money is only spent on products and solutions appropriate for your particular needs and priorities. Finally, continuous security monitoring is pivotal: even one unpatched vulnerability, or a forgotten machine, can lead to a data breach affecting the entire company.”
In short, 2018 may bring new hotspots of activity and innovation on both sides of the security fence, but will also incorporate all of the threats we’ve seen before. It’ll undoubtedly feature many of the corporate mistakes and errors we’ve seen so far in 2017 - and let’s not forget, 2017 is far from over yet...