Virtualization Technology News and Information
DomainTools 2020 Predictions: The changing security frontline

VMblog Predictions 2020 

Industry executives and experts share their predictions for 2020. Read them in this 12th annual series exclusive.

By John "Turbo" Conwell, Principal Data Scientist, DomainTools and Tarik Saleh, Senior Security Engineer & Malware Researcher, DomainTools

The changing security frontline

In security, the only constant is change. Rapid change at that. Just when we think we've reached the frontline to meet the enemy head-on, they move the goalposts and we're back to playing catch-up. This year, we picked a couple of these emerging threats that have the characteristics to make major headlines next year because of the large-scale damage they could cause.

DeepFake Driven Phishing

DeepFakes are an AI technique used to create realistic yet fake audio or video of someone. Over the past year, researchers have even been able to create models that can render DeepFake videos in real time at the quality of a believable video conference. These tools represent a paradigm shift in how we identify and defend against phishing attacks. We've been taught not to blindly trust most forms of digital communication, such as email and SMS. But most people wouldn't second-guess a voicemail from their CEO asking to reset their password or reroute a money transfer, especially if the voicemail uses the recipient's name and references a previous conversation they had over email. As DeepFake and malicious AI technologies evolve, they will make phishing attacks harder than ever to detect as reality becomes distorted. It's going to be critical for Information Security teams to heighten their awareness of this emerging threat and alter their security strategies appropriately.

A Cloud of Suspicion Over Cloud Security

As more companies migrate their infrastructure and services to the cloud, we will continue to see a growing emphasis on the risk of inter-cloud attacks. Cloud providers will have to move fast and respond to new attack vectors such as inter-cloud attacks (i.e., VPS instances attacking other VPS instances in the same cloud service). Responding to these appropriately will be a new challenge, especially with the prevalence of HTTPS across most cloud services, and will put the onus on the cloud providers to get their detection and response processes figured out; it is really difficult to protect the cloud from itself.

These attacks take two of the oldest tricks in the playbook - phishing and DDoS - and update them with the emerging technologies of today to recreate the playing field.


About the Authors

John Conwell 

John "Turbo" Conwell is a Principal Data Scientist at DomainTools. He brings 10 years of experience in data science and machine learning to bear on cybersecurity. He is currently focusing on building models to identify domains created with malicious intent as soon as they are created.

Tarik Saleh 

Tarik Saleh is the Senior Security Engineer and Malware Researcher at DomainTools. He has been a technology hobbyist since he got his first computer at age 10 and has over 7 years of experience in Information Security in various blue-team roles, such as leading a Threat Hunting team, Incident Response and Security Operations.

Published Wednesday, January 22, 2020 7:45 AM by David Marshall