Artificial intelligence used to create lean and mean attacks

Morey Haber, Chief Technology Officer and Chief Information Security Officer, BeyondTrust.
6 years ago

REGIONAL TRANSFORMATION OUTLOOK 2019

2019 will see an increasing number of attacks coordinated with the use of artificial intelligence and machine learning. Artificial intelligence will analyse available options for exploit and develop strategies that will lead to an increase in number of successful attacks. Artificial intelligence will also be able to take information gathered from successful hacks and incorporate that into new attacks, potentially learning how to identify defense strategies from the pattern of available exploits. This evolution may potentially lead to attacks that are significantly harder to defend against.

The next few years will see an increase in the attention that industrial control systems and SCADA systems attract from cybercriminals and nation-state hackers. The opportunity to create ransomware scenarios directly affecting critical national infrastructure will draw attention from cyber criminals motivated both, by financial gain, as well as those who are looking to develop weapons in the evolving cyber-frontline. Historically, operational technology teams have been reluctant to engage with IT security practices, but we are seeing this change as all teams recognise that cybersecurity is a critical aspect of business continuity.

Major security breaches will continue to dominate the news, but the latest form of attacks on organisations will come in the form of an attack on their supply chains. Corporate attacks and corporate espionage will take on a whole new meaning as more supply chain attacks with embedded malware are discovered.

But this is the tip of the iceberg in terms of cyber threats — the major devices targeted will be IoT and will range anywhere from consumer-based routers to home-based nanny cams. Expect the supply chain for many vendors, including those that produce personal digital assistances, to be a new target from threat actors who infiltrate environments and insecure DevOps processes.

Android will no longer be fully open and extensible. Google has already announced that only the default application can access calls and SMS texting data for the next release of Android, and the default application must be explicitly set in the configuration. No longer can multiple applications?including tools used for spam detection—be shared with your favorite calling and texting applications. Expect Google to continue this trend to fight malware and spyware by closing more of the operating system in the name of security.

Infonomics will begin to become mainstream and, just like other intellectual property, expect businesses to begin applying a value to the data and disclosing the information they have and what it costs for sale. If you think this is farfetched, consider the value of GPS data over the last 30 years. From the early days of MapQuest to dedicated GPS receivers, driving and transportation data has become a commodity.

However, if you start layering other data?like traffic, construction, you have a high-valued database that will become crucial for autonomous cars. There is real value there, and it will come at a price to car manufacturers. The data itself therefore has a value, and businesses will begin rating themselves more publicly on the Infonomics they possess. And not just to private equity firms or other businesses looking at merger and acquisition activities, or purchase of the information.

The millennial generation will share almost anything on the Internet. Social media has proven that almost anything goes regardless of its perceived sensitivity. This implies that nearly an entire generation has a lower sensitivity to private data and that a who cares attitude for sensitive information is beginning its own movement. Expect data classification to evolve based on the youngest users, and what we consider private today will not be private, or of a concern, tomorrow.

In an effort to protect and control the exposure of personal data, information brokers will begin to emerge. These services will provide centralised mechanisms that allow granular sharing of data so that only the essential data is shared for whatever service you are signing up to. The EU has been working on digital identity in this form for several years and may well be the first to bring that into full effect, but others will follow in providing a mechanism by which our data is decentralised. This will help limit individual data exposures when systems are compromised and allow more control by individuals over their data and who has legitimate access to it.

Morey Haber, CTO, BeyondTrust.

Key takeaways

  • The opportunity to create ransomware scenarios affecting critical national infrastructure will draw attention from cyber criminals.
  • Cyber criminals will be motivated both by financial gain as well as those looking to develop weapons in cyber-frontline.
  • Operational technology teams have been reluctant to engage with IT security practices but we are seeing this change.
  • Infonomics will begin to become mainstream and expect businesses to begin applying value to data.
  • In an effort to protect and control exposure of personal data information brokers will begin to emerge.

Don't Miss

Rob Spee, SVP of Global Channels & Alliances, BeyondTrust.

3 trends set to shape the regional cybersecurity channel in the year ahead

As we enter 2024, the GCC channel must shake off the lingering
Marc Maiffret, Chief Technology Officer, BeyondTrust

BeyondTrust announced availability of Identity Security Insights to manage human, non-human identities

BeyondTrust announced the general availability of its groundbreaking Identity Security Insights solution.