Industry executives and experts share their predictions for 2020. Read them in this 12th annual VMblog.com series exclusive.
By Marcus Fowler, Director of Strategic Threat, Darktrace
Hindsight is 20/20 - What 2019's Cyber-Attacks Can Tell Us About The 2020 Threat Landscape
In 2019, businesses' vulnerabilities
and the shortcomings of existing cyber security strategies were again thrown
into the spotlight. Organizations struggled to secure their data in the face of
insider threat, ransomware attacks, new regulations and even simple
misconfigurations. At the same time, cyber-criminals were speeding up -
developing novel exploits, gaining access to nation-state grade tools proliferating
on the dark net, and finding new inroads into enterprises.
What can businesses expect in 2020?
What cards do cyber-criminals hold in their deck? By analyzing emerging
technologies and industry trends, we can anticipate the techniques that
attackers may utilize in the new year.
Success at Machine-Speeds
Despite the increase in ransomware attacks over
the last year, we likely still haven't seen its peak.
In 2019, cyber-criminals utilized both
targeted and spray-and-pray approaches to successfully attack enterprises,
public bodies, and local governments. Ransomware's prevalence and success has raised
concerns at the highest levels, with institutions like the FBI issuing warnings that ransomware presents
an urgent and high-impact threat to US organizations.
The 2020 landscape looks eerily similar. As
businesses and digital infrastructures continue to grow in scale and
complexity, we will also see ransomware continue to scale up and shape-shift.
While possessing the same core characteristics, these new developments will widen
the threat landscape and make it even harder for security teams to detect and
prevent these attacks. Crucially, these will be never-before-seen threats, meaning
that rules and signature-based approaches won't stand a chance.
Ransomware's efficacy is, by-and-large, due
to its speed - it can simply move faster than security teams can respond. The
fifth generation of cellular networks, 5G, will only further facilitate the
rise of similar machine-speed and automated attacks. At wireless connection
speeds up to 100 times faster than 4G, malware can download and spread
throughout a victim's network long before they realize that anything is amiss.
Without equally fast defenses that are able to keep up with both the speed and
evolution of these threats, ransomware will continue to be as successful as
ever.
The Rise of Terror-Ware
At the same time that ransomware attacks have
increased, attacks against physical infrastructure have also been on the rise.
In the last year, factories, nuclear plants, oil refineries, ports, and energy
grids have all been infiltrated by advanced attackers. In 2020, we will see
these two threats converge, with ransomware threatening industrial processes rather
than data. Unfortunately, this makes data back-up a poor safety net for what
lies ahead.
As smart buildings, smart cities, and the Internet
of Things become an exciting reality, security vulnerabilities will only continue
to grow. In an interconnected world, almost everything is fair game to hackers
- who, as we know, are endlessly creative. This development inextricably links
cyber security with physical and operational security.
In 2020, governments should expect to see
adversaries, criminals, nation-state actors, and potentially even terrorists
take advantage of cyber-physical vulnerabilities, leveraging cyber-for-hire to
execute these advanced attacks if they lack the technical hacking skills. Perhaps most concerningly, we will likely see
nation-state proxy conflict escalate - with cyber as the key tool. Cyber conflict
between nation-states is nothing new. However, as the lines between the cyber
and physical world increasingly blur, so will the lines between cyber and physical
warfare. The blurring of these lines will raise the stakes for all involved,
increasing the potential for miscalculations and unintentional escalations, and
further complicating international relations.
A(I)ttacks?
The building blocks for AI-powered cyber-attacks are already in
place. As sophisticated defenses and access to
open-source AI tools incentivize adversaries to supercharge their attacks, 2020 may very well bring with
it the first true AI-powered cyber-attack.
Advanced malware that adapts its behavior to remain undetected has
long been on the rise. Once released, these self-learning attacks will not wait
for orders from home base. They will make their own decisions, often while deep
inside corporate networks, and deliver blows slowly, stealthily, and virtually
without a trace.
However, AI won't only enable malware to move undetected
across complex digital infrastructures, but also help attackers determine their
targets, conduct reconnaissance, and scale attacks. Successfully executing an
advanced attack currently requires numerous resources and manpower. With AI,
the same adversary could target 20 companies in the time it might currently take
to target one.
AI cyber-attacks will be almost impossible
for humans to stop - and once the first wide-spread AI attack occurs, there
will be no turning back the clock. Using self-learning technology, companies
would be smart to build up their defenses before that day comes.
Conclusion
If the cyber-attacks of the last year have
taught us anything, it's that we need to expect the unexpected. Trying to
predict the vulnerabilities in a new technology, the precise signature of an
attack, or a new malware strain in the face of an ever-evolving threat
landscape and increasingly complex businesses is like finding a specific needle
in a needlestack.
With new IoT devices, neural interfaces, 5G, autonomous
vehicles, and other new technologies beginning to come to market, cyber
security needs to be an integral part of their development from day one. And as hackers continue to innovate, the winners of
2020 will be those who can match the speed of both innovation and attacks. AI
for cyber defense presents the most promising defense weaponry in the arms
race, as it is the only force capable of combatting offensive AI and other yet-unseen
attacks. In the intense geopolitical heat of the present moment, we must look
ahead and prepare our digital enterprises for the sieges to come.
##
About the Author
Marcus Fowler, Director of Strategic Threat,
Darktrace
Marcus Fowler
spent 15 years at the Central Intelligence Agency developing global cyber
operations and technical strategies, until joining Darktrace in 2019. He has
led cyber efforts with various US Intelligence Community elements and global
partners, and has extensive experience advising senior leaders on cyber
efforts. He is recognized as a leader in developing and deploying innovative
cyber solutions. Prior to serving at the CIA, Marcus was an officer in the
United States Marine Corps. Marcus has an engineering degree from the United
States Naval Academy and a Masters' Degree in International Security Studies
from The Fletcher School. He also completed Harvard Business School's Executive
Education Advanced Management Program.