Cyber security was once only an incidental part of enterprise IT. Today, it plays a key role in the success of an organization. Cyber Security and Risk Management (SRM) leaders now have the challenging task of safeguarding their organization from increasingly sophisticated and harmful security threats and cyber attacks, some of which use Artificial Intelligence (AI).
In this article, we will cover 4 top cyber security threats you should be aware of in 2019 and see how these advanced threats are leveraging artificial intelligence to become more menacing. We will also discuss how organizations can take security measures such as thinking proactively, securing their IT systems, leveraging threat intelligence, encrypting their data and shopping for cyber insurance to help protect themselves against cyber security threats.
The Current and Evolving State of Cyber Security Threats
Consumers today want instant access to personalized services and information via interconnected devices. This is driving change in the digital landscape. To meet this demand, innovations such as artificial intelligence are needed to speed up predictions about and response to market trends.
The criminal sector is increasingly looking to compromise these new technologies. The rapid increase of online devices that have access to financial and personal data has created new avenues that cybercriminals can exploit. The interconnectedness of many objects, including Internet of Things (IoT) devices and core infrastructure in homes, offices, and cars, has made them more open to risk.
Cybercriminals are skilled at using the newest advancements in areas like artificial intelligence to orchestrate more effective attacks. Many experts predict that this trend will continue to accelerate.
Top 4 Cyber Security Threats
The following are new security threats that will become more prominent in 2019 and beyond, and require an appropriate response from cybersecurity teams.
1. The rise of IoT-based hivenets
Over the past few years, several precursors of hivenets and swarmbots have emerged. Attackers are now more frequently targeting critical infrastructure, using blockchain technology to anonymize the control of botnets, and automating malware exploits.
We have witnessed the creation of predictive software using artificial intelligence methods. The most recent developments use swarm technology to make use of databases comprised of billions of continuously updated bits of data, to form accurate predictions.
How is this related to IoT? We have seen the deployment of huge IoT-based botnets, like Mirai and Reaper, constructed around millions of compromised IoT devices. These threatening botnets have been used as blunt force tools to knock out networks, devices, or even sections of the internet.
Experts predict that cybercriminals will start to upgrade IoT-based botnets with swarm-based technology to facilitate their attacks. The end product would be a hivenet rather than a botnet. A hivenet can use peer-based self-learning to target flaws within systems. Hivenets will potentially utilize swarms of compromised devices (or swarmbots) to isolate and tackle different attack vectors simultaneously.
While IoT-based attacks such as Mirai or Reaper are not using swarm technology at this stage, they are close.
2. Next-gen Morphic Malware
Attackers will continue leveraging automation and machine learning in their attack tactics, techniques, and procedures (TTP). Security researchers currently use sandbox tools with machine learning to identify previously undetected threats and to establish protections.
The other side is now using this approach: to find attack targets, map networks, see where attack targets are vulnerable, blueprint a target to carry out virtual PEN testing, and then to launch a custom attack. This is happening at an AI level and is entirely automated.
Attackers have used existing polymorphic malware for decades, and this methodology already makes use of pre-coded algorithms to take on new forms to bypass security controls. Individuals with malicious intent can potentially use it to create over a million virus variations every day. However, this process is solely based on an algorithm, and attackers have limited control over the output.
Next-generation polymorphic malware, which builds on AI, will have the ability to develop new, customized attacks and not just variations on a static algorithm. The key distinguishing attribute is the use of initiative and discipline.
3. Ransomware hijacks IoT
Cybercriminals continue to profit from ransomware – encrypting the data of a victim and then demanding money for the encryption key. Experts believe that in the coming years, cybercriminals will focus their ransomware attempts on smart devices, connected to the IoT. Attackers may choose to target specific devices, or they may use the devices as gateways to install ransomware on different organizational devices and systems.
Ransomware attacks can cause havoc to business operations and production lines. They can also prove to be life-threatening if they affect, for example, vehicle components or medical implants. Organizations should identify how they use connected devices, and what the impact would be if one or more devices are the target of a ransomware attack.
4. Automated misinformation becomes credible
Advancement in artificial intelligence personas has led to the creation of chatbots that may soon be just like humans. Attackers will have the potential to use these chatbots to pass on misinformation about organizations. An attacker could deploy these chatbots and ruin the reputation of an organization by spreading compelling misinformation about its product or working procedures.
One attacker could potentially use hundreds of chatbots, and each chatbot could spread malicious information via news sites and social media. Furthermore, attackers won’t only target the reputation of an organization. They can, for example, use fake news to affect the share price of a company.
5 Ways To Prepare for Cyber Security Threats
1. Encrypt data
Today, attacks target information retained by companies, such as bank routing digits and employee social security numbers. Companies that keep important data should ensure that this information is always encrypted. They can ensure this information remains safe by using a full-disk encryption tool, which today comes standard with most operating systems.
2. Leverage Threat Intelligence (TI)
One method cybercriminals can use is to make minor changes to their malware. They can even do something as simple as modifying an IP address, which can help the malware remain undetected by many traditional security tools.
One way to keep pace with such changes is through the sharing of threat intelligence. Security vendors and consumers can use new data received from threat intelligence feeds to keep up with the latest developments in the threat landscape. The more detailed the threat intelligence, the more difficult it becomes for cybercriminals to change their attack strategies and tools to evade detection.
3. Secure your IT systems
Organizations need to secure their systems to manage data loss and minimize damage in the case of an attack. Many organizations make the mistake of taking the entire system offline or simply removing the malware. However, the malware is only a symptom, not the source of an attack. Organizations should isolate the compromised segment of their network and then put their efforts into identifying the source of the breach.
As attackers often use administration passwords, organizations should immediately change these passwords as soon as they detect the breach. They should also change their access control list (ACL) and implement a data loss protection solution (dlp solution).
If an organization immediately goes offline, the attacker will know it has been identified and will lay low. The best thing an organization can do is to leave the compromised machines online but block it from access to the internet. They can also place an isolated VLAN or put a firewall in place to stop the compromised machine from communicating with external sources.
4. Think proactively
Organizations should also shift their security paradigm from being reactive to proactive. They can begin by removing as much risk as possible from their current network. Organizations may assume that they have been compromised and to see what they would do differently.
Questions they may wish to ask are: What devices are on our network? What policies have we applied to these devices? Have any of these devices been compromised, and how would we be able to tell?
Many organizations may choose to move to a zero-trust model. This would demand the implementation of multi-factor authentication, setting up segmentation and micro-segmentation, and the deployment of network access control.
Subsequently, organizations can integrate their traditionally isolated security devices into a unified, integrated architecture. This should include all devices: even those used remotely or in multi-cloud environments. Companies can use tools such as threat intelligence and advanced behavioral analytics to identify advanced threats. As threat trends and patterns emerge, they can combine this knowledge with real-time telemetry on their network devices, to start the process of anticipating and proactively stopping threats.
5. Shop for cyber insurance
Due to the complex and unpredictable nature of cyber security threats, an essential line of defense is cyber insurance. A cyber insurance policy can cover risks including liability for damages caused to your customers due to a security breach or a data breach, the regulatory cost of breach compliance and notifications, third-party costs involved in identifying and mitigating the breach, extortion costs and reputation damage.
An effective defense against automated and intelligent threats needs a collaborative, integrated, and adaptive security approach. Organizations that can get their security approach and the basic fabric of their security system right will have a better chance of keeping up with the next generation of AI-based automated attacks. It is a zero-sum game with only one winner. Organizations that don’t prepare today may not be able to catch up tomorrow.
Contact EINSURANCE.com today to get a free cyber insurance quote and protect your small business from the risk of cyber security threats.