#Cybersecurity #Risk Management #Critical Environments #AI

Experts say AI is best weapon against cyberattacks

Industry experts cite AI as a solution to halt future cybersecurity attacks

Joanna England
|Nov 14|magazine13 min read

FortiGuard, the global threat intelligence and research organisation, says the weaponising of intelligent edge computing will have an impact on the scale and speed of future cyber-attacks.

The company’s predictions for 2021 and beyond, state that applying artificial intelligence to hasten threat prevention, detection and response, should be combined with actionable threat intelligence. 

Describing the move as “critical” in the fight to protect companies against attacks from cybercrime, the team released their latest intelligence threat predictions along with recommendations for enterprises to action. 

According to the report, cybercriminals will harness 5G enabled devices to create a new surge in advanced threats at extreme speeds and scale. Threats will also exploit emerging edge environments, such as a remote workforce. 

The report advises IT defence teams to plan ahead using AI and machine learning tools to better predict where system vulnerabilities are, and when attacks are likely to strike. 

Derek Manky, FortiGuard Lab’s Chief of Security Insights and Global Threat Alliances, explains; “2020 demonstrated the ability of cyber adversaries to leverage dramatic changes happening in our daily lives as new opportunities for attacks at an unprecedented scale.”

Manky says companies would need to be prepared for further vulnerabilities following the digital transformations enterprises have and are undergoing. 

He comments; “Going into 2021, we face another significant shift with the rise of new intelligent edges, which is about more than just end-users and devices remotely connecting to the network. Targeting these emerging edges will not only create new attack vectors, but groups of compromised devices could work in concert to target victims at 5G speeds.”

Manky adds; “To get out ahead of this coming reality, all edges must be part of a larger, integrated, and automated security fabric platform that operates across the core network, multi-cloud environments, branch offices, and remote workers.”

AI evolution

Artificial Intelligence, the report states, will need to evolve to combat new attack trends. AI technologies are effective because they can predict and build counterattacks against security breach attempts. 

Human operators will have to make sure the security systems have been provided with enough intelligence to counter attacks and anticipate future attacks.

The report adds that pooling resources against a common enemy will prevent breaches.

“Organisations cannot be expected to defend against cyber adversaries on their own. They will need to know who to inform in the case of an attack so that the “fingerprints” can be properly shared and law enforcement can do its work. Cybersecurity vendors, threat research organisations, and other industry groups need to partner with each other for information sharing, but also with law enforcement to help dismantle adversarial infrastructures to prevent future attacks.”

Future cyber attack trends

Connectivity: One of the most significant advantages for cybercriminals in Edge Computing, is the interconnectivity of enterprises that have sacrificed centralised visibility and control in favour of performance and digital transformation. Homeworkers are easy targets for cybercrime, while 5G and an increasing number of IoT devices on networks are becoming increasingly difficult to track. This leaves users and organisations vulnerable to Trojan infiltrations of advanced malware.

Swarm-bots compromise 5G devices to provide greater threat opportunities. Though swarm technologies need extensive processing power to enable individual swarm-bots and to efficiently share information in a bot swarm, once achieved, they can rapidly discover, share, and correlate vulnerabilities, and then shift their attack methods to better exploit the system they’ve infiltrated. 

Social engineering developments means smart devices or other home-based systems that interact with users, could become conduits for deeper attacks. Utilising contextual information about users habits, or finances could make social engineering-based attacks more successful. Smarter attacks might even result in security systems being disabled, or the hijacking smart appliances.

Ransomware is another threat. As it continues to evolve, and IT systems increasingly converge with operational technology (OT) systems, particularly critical infrastructure, there will be even more data, devices, and lives at risk. Ransomware could be responsible for extortion, defamation, and defacement. 

Processing power helps cybercriminals scale future attacks with ML and AI capabilities. Called advanced crypto mining, the process hijacks devices for their processing power, enabling cybercriminals to process massive amounts of data and learn more about how and when edge devices are used. Infected PCs being hijacked for their compute resources are often identified since CPU usage directly impacts the end user's workstation experience. But secondary devices can be less visible.

Satellites and telecommunications are vulnerable, as new communication systems scale and begin to rely more on a network of satellite-based systems. Cybercriminals can target this convergence and follow in pursuit. This could lead to compromised satellite base stations and the spreading of malware through satellite-based networks. Potentially, this would give cybercriminals an opening to target millions of connected users at scale or cause DDoS attacks that could hinder essential communications.

Quantum Computing from a cybersecurity perspective, could create a new risk when it can challenge the effectiveness of encryption in the future. The massive compute power of quantum computers could leave some asymmetric encryption algorithms solvable. Enterprises should prepare to shift to quantum-resistant crypto algorithms by using the principle of crypto agility, to ensure the protection of current and future information. 

It's a challenging time to be in the data centre cybersecurity business
Check out the latest issue of Data Centre Magazine