Feel The Need... The Need For Speed!

By Brad LaPorte, Chief Evangelist at Kasada

Just like any racetrack there are good drivers and bad drivers. As we turn the bend into 2021, we will push the pedal to the metal on the information superhighway with the fastest cars that have ever had their rubber hit the road. Corporations will be going as fast as they can to make up for losses and setbacks in 2020 while criminals will do everything they can to profit from those efforts.

Here are the top predictions Kasada has for 2021:

The World Will Embrace a Cybersecurity Mesh Approach

Historically information sharing has been restricted to silos. Typically segregated by industry, geography, and/or by specific categorization. As defenders become overrun with more voluminous and sophisticated attacks, they will be forced to work together. No truer example is that of the supply chain attack that took place a few days ago leveraging SolarWinds. According to Gartner, as part of its publication How to Respond to the 2020 Threat Landscape, "Supply chains are also increasingly vulnerable to attack. Hackers have targeted corporations' supply chains as a means of access, because they act as ‘force multipliers' in gaining access to hundreds or thousands of companies with a single compromise. By attacking a widely distributed, but otherwise harmless utility program, hackers can gain a foothold in organizations."

Even Brad Smith, Microsoft's President, has recently issued a call for collaboration. Many other cyber security leaders and evangelists will follow and provide the level of momentum that this industry has been starving for over the past 2 decades (see his comments here: https://blogs.microsoft.com/on-the-issues/2020/12/17/cyberattacks-cybersecurity-solarwinds-fireeye/).

These recent events, multiplied by the trials and tribulations that 2020 has brought to bare, will act as a catalyst for improvements. Walls will finally come crumbling down. This siloed mentality was sufficient when single breaches were occurring, but once the playing field resulted in thousands happening at the same time a convoy started to form. Having these roadblocks finally out of the way will lay the groundwork for a high performance race track to ensure rapid improvements.

Out with the Old, In with New: CAPTCHA Will Be Replaced By More Efficient and Secure Solutions

CAPTCHA is an old clunker. It was first invented in 1997, and while it has gone through many upgrades and approaches over the years, it remains relatively unchanged. Most of the early versions are now at their end-of-life and at the bottom of the junkyard. Even Wikipedia will give you a great list of different circumvention techniques - https://en.wikipedia.org/wiki/CAPTCHA.

On average it takes approximately 10 seconds to solve a typical CAPTCHA...and if that is if you get it right on the first try...which almost never happens. A 1 second delay can reduce customer satisfaction by 16% and impact revenue by over 4% over the course of time (Source). 2021 will finally be the year that this whole approach is finally nuked from orbit (after all it is the only way to be sure).

At Kasada we have a patented approach to replacing CAPTCHA and it's close relatives. We were able to look down the road ahead of the curve and truly design something unique.

Kasada removes the disguise that threat actors and advanced persistent bots groups use to achieve their ill-intentioned objectives through free and readily available automated tooling. We do this while taking careful measures to frustrate the adversary by (1) deterring reverse engineering attempts through clever obfuscation techniques and encryption and (2) destroying their ROI by inflicting financial damage by way of an increasingly difficult proof-of-work challenge. With little to no maintenance, Kasada's customers can realize immediate and long-term efficacy after deploying in minutes.

Put simply, it is easy to deploy, use and provides a frictionless solution. The way it should be.

Robot Drivers Will Dominate The Road

According to the Kasada Research Team and industry benchmarks, 25% of the internet is now comprised of bad bots, malicious automated tools, and evil AI. Next year it will double, making half of the internet be saturated with malicious automated traffic.

The global economy is in full swing and ecommerce is now a necessity versus a commodity. Rapid adoption of digital commerce, backed by fully scalable cloud computing, has set the foundation. 5G, IoT, and edge computing will act as a catapult. Cybercriminals have always been early adopters of the latest and greatest technologies - and using automation will amplify and multiply their efforts at mass scale, making them faster than ever. 

Over 90% of cyberattacks will involve some form of malicious automation by the end of the year. What will immediately follow is a period of rapid investment and adoption, primarily in using automation for cybersecurity.

Some examples of how malicious automation will be used include:

• Content scraping malware to make attacks more efficient
• AI-Supported CAPTCHA breaking; making it obsolete
• Convincing social engineering attacks at scale; rendering gesture detection and biometric authentication useless 
• Intelligent targeting and evasion attack vectors
• Data pollution and rampant misinformation ingestion 
  

This will drive forward adoption of anti-automation mitigation tools that can detect and interrupt attacks efficiently, effectively and continuously. These protections will be a necessity for businesses to successfully conduct business online and protect their web-facing digital assets.

##

About the Author

Brad LaPorte is the Chief Evangelist at Kasada. He is a seasoned technology executive with over 15 years of combined cybersecurity, product management and business experience. During this time, he has been on the frontlines fighting cyber criminals and advising top CISOs, CIOs, CxOs and other thought leaders on how to be as efficient and effective as possible. This was conducted in various advisory roles at the highest levels of top intelligence agencies, as a senior product leader at both Dell and IBM, at a late stage start up, and as a Gartner analyst where he conducted over 1,000 conversations with leading corporations about the rapidly expanding threat landscape.