Fortinet Philippines recently presented their threat predictions for the coming year. Touching on several new technologies that are at the cusp of major commercial breakthrough such as 5G and more advanced AI tech.
Cyberattack methodologies have become more sophisticated in recent years, in line with the exponential growth of technology year on year. With the volume, velocity, and sophistication of today’s global threat landscape, organizations must be doubly preparetd to take on the oncoming attacks.
According to the threat prediction of Fortinet Chief of security insights and global threat alliances, Derek Manky and further expounded by Fortinet Philippines Systems Engineering Manager, Nap Castillo, Cybercriminals use a multi-pronged approach for their attack strategies. For example, there was been a rise in the use of Advanced Evasion Techniques (AETs) designed to prevent detection, disable security functions and devices, and operate under the radar.
The Philippine Threat Landscape
It is estimated that 4.5% GDP losses or roughly P3 Billion is compromised by cybercriminals. All organizations are at risk from cyberattacks, but even more now are financial institutions who create online applications and new tech to cope with the demands of the users which in turn, open them to vulnerabilities and attacks.
More Sophisticated Attacks
Cyberattacks such s advanced evasion technology (AET) as meantioned earlier, are designed to prevent detection, disable security functions and devices, and operate under the radar using living off the land (LOTL) strategies by exploiting existing software and disguising malicious traffic as legitimate.
Another is the increasing rise in swarm technology, which can leverage things like machine learning and AI to attack networks and devices. If used for good, this can catalyze technology in medicine, transportation, engineering, and automated problem solving—to name a few. However, swarms can also infiltrate a network, overwhelm internal defenses, and efficiently find and extract data. Eventually, specialized bots, armed with specific functions will be able to share and correlate intelligence gathered in real-time to accelerate a swarm’s ability to select and modify atacks to compromise a target, or even multiple targets simultaneously.
5G is also another new tech that is set to make waves in the coming years, and may be prone to carry swarm-based attacks. This is done by creating local, ad-hoc networks that can quickly share and process information and applications. Weaponizing 5G and edge computing can use the 5G speeds to target victims.
Who Has the Upper Hand?
It is important for organizations to make a complete paradigm shift as to how they think about and deploy security. Some organizations continue to use the same failed strategies to secure new networked environments.
To get out ahead of this cycle, organizations need to begin to use the same sorts of technologies and strategies to defend their networks that criminals are using to compromise them. That means adopting an intelligently integrated approach that leverages the power and resources of today’s enterprise.
AI represents one of our best hopes for being able to get out in front of this issue. The goal is to develop an adaptive immune system for the network similar to the one in the human body. In the body, white blood cells come to the rescue when a problem is detected, acting autonomously to fight infection, while sending information back to the brain for more processing —like marshalling additional resources or remembering to take an antibiotic.
As AI progresses from its current form, where it is used primarily to sift through mountains of data to solve a problem, it will be able to function more like a human immune system or neural network. AI will rely on interconnected, regionally deployed learner nodes to collect local data and then share, correlate, and analyze that intelligence in a distributed manner.
Start with an Integrated Strategy
These trends only further underscore the need to take a new approach to security, designed around the principles of integrated solutions, advanced AI and machine learning, and related techniques. Interconnectivity between machine learning systems will be especially critical so that localized machine learning nodes can adapt to a local environment’s unique configuration. By shifting responsibilities to autonomous self-learning processes that function similarly to human autoimmune systems – such as hunting for, detecting, and responding to security events – valuable cybersecurity professionals will have the time and resources to adopt advanced security-driven network strategies designed for today’s continually evolving networks.