Industry executives and experts share their predictions for 2019. Read them in this 11th annual VMblog.com series exclusive.
Contributed by Justin Fier, Director for Cyber Intelligence & Analytics at Darktrace
Malicious AI, New Variations on ICS Attacks, Trust Attacks
In today's complex digital environments, machines are
fighting machines, and advanced attackers and criminal groups are contriving
sophisticated new ways to perpetrate their missions. The corporate network has
become a battlefield, where the stakes are control of digital assets and, ultimately,
the ability of the organization to function. Given what Darktrace has seen
across its customer-base of 7,000 deployments in 2018, these are the three main
trends we predict will dominate headlines in the coming years.
Malicious AI
The use of AI to defend organizations from cyber-attack is by now
well-established best practice. The possibility of the flip side to this - bad
actors harnessing the power of AI to attack organizations - has long been
discussed and rumored as a possibility. After seeing increasingly automated and
sophisticated attacks in the wild in 2018 (Trickbot malware, worming
crypto-mining malware, and SquirtDanger (known as the Swiss Army knife
malware)), we look to the future of AI-driven cyber-attacks.
Infrastructure attacks
Since the attacks on the Ukrainian power grid in 2016, and Triton
in 2017, attacks on industrial environments have become mainstream. With
several nation states providing warnings in 2018 about ongoing targeting of
their energy grids, 2019 looks set for increasing numbers of high profile
cyber-attacks on our critical infrastructure. Darktrace is specifically looking
at three threat vectors: smart meters and IoT devices, disruption of core
logistics and transportation services (specifically in shipping), and sporting
events infrastructure.
Influence, propaganda, and trust
Election meddling, fake news, and Twitter bots have created issues
around trust on the web at the center of political discourse. As we begin to
see AI-powered chat bots, and extensive influence peddling through social
media, we face the prospect of the internet as a weapon to undermine trust and
control public opinion. This raises deep issues about how to validate and
control the flow of information which will have massive implications for the
security of the private sector and public discourse alike, something that
governments in both the UK and US are struggling with now. Controlling data may
soon become more important than stealing it.
As networks have grown in scope and complexity,
the opportunities for attackers to exploit the gaps have increased. Walls are
no longer enough to protect a network, and rules-based tools cannot keep up
with all possible attack vectors. A constantly evolving cyber-attack landscape
requires a step up in our detection capability, using machine learning to
understand the environment, filter the noise and take action where threats are
identified.
##
About the Author
Justin Fier is the
Director for Cyber Intelligence & Analytics at Darktrace, based in
Washington D.C. Justin is one of the US's leading cyber intelligence experts,
and his insights have been widely reported in leading media outlets, including
Wall Street Journal, CNN, the Washington Post, and VICELAND. With over 10 years
of experience in cyber defense, Justin has supported various elements in the US
intelligence community, holding mission-critical security roles with Lockheed
Martin, Northrop Grumman Mission Systems and Abraxas. Justin is also a
highly-skilled technical specialist, and works with Darktrace's strategic
global customers on threat analysis, defensive cyber operations, protecting
IoT, and machine learning.