Dark Reading is part of the Informa Tech Division of Informa PLC


12/22/2020
02:00 PM
Derek Manky
Commentary

Prepare to Fight Upcoming Cyber-Threat Innovations

Cybercriminals are preparing to use computing performance innovations to launch new types of attacks.

The pandemic and the ensuing increase in remote work have given rise to new attack vectors and schemes. One thing 2020 underscored is the opportunistic nature of bad actors. They will grab onto anything they think can help them pull off a cyberattack, even things like phishing campaigns using emails purporting to be from the Centers for Disease Control and Prevention (CDC) and, more recently, preying on election fears. What we know is that this will continue to evolve. Bad actors will look for new opportunities, including using many of the innovations in computing performance.

For instance, connected smart devices using 5G at the network edge contain incredible intelligence and power. If cybercriminals used that intelligence and power for attacks, they could create a new wave of attacks that could severely drain the compute resources of legacy security systems. Unfortunately, other types of attacks are cresting the horizon that will target developments in computing performance and innovation in telecommunications, specifically for cybercriminal gain. These new attack types will enable adversaries to cover new territory and present defenders with the difficult job of getting ahead of the cybercriminal curve well in advance. Three such areas where we expect to see increasing attacks include cryptomining, space, and quantum computing. 

Advanced Cryptomining Will Gain Traction
For the past few years, cryptomining has steadily become a strategy for cybercriminals looking for a safe and reliable way to earn ill-gotten gain. It's a rather complicated process by which someone uses a computer's processing resources to verify blockchain transactions.

If cybercriminals want to scale future attacks using machine learning and artificial intelligence (AI) capabilities — and they do — processing power is important. Eventually, by compromising edge devices for their processing power, cybercriminals will be able to process massive amounts of data and learn more about how and when edge devices are used. It could also make cryptomining more effective.

When infected PCs are being hijacked for their compute resources, IT security teams can often identify it quickly because CPU usage directly impacts the end user's workstation experience. However, compromising secondary devices would be much less noticeable.

Spreading Attacks From Space
Cybercriminals find enticing targets in the connectivity of satellite systems and telecommunications. As new communication systems scale and begin to rely more on networks of satellite-based systems, cybercriminals could target this convergence.

Consequently, attackers could compromise satellite base stations and then spread that malware through satellite-based networks. This would give attackers the ability to potentially target millions of connected users at scale or inflict distributed denial-of-service (DDoS) attacks that could impede vital communications. The federal government sees this as a credible threat and has started preparing for it, building up cybersecurity personnel and technical capabilities as systems become increasingly vulnerable.

The Quantum Threat
Quantum computing is another upcoming challenge. It could create a new cyber-risk when it eventually becomes capable of challenging the effectiveness of data encryption. The massive compute power of quantum computers could render asymmetric encryption algorithms obsolete. Consequently, organizations will need to shift to quantum-resistant computing algorithms using the principle of crypto agility to protect data integrity.

A viable quantum computer is still a ways off, but no one knows exactly when it will arrive. According to NIST, the first quantum computer that could pose a threat to the algorithms currently used to produce encryption could be built by 2030. Organizations need to start preparing now, because you can be certain that the bad actors aren't waiting. And although the average cybercriminal will not have access to quantum computers, nation-states will. Therefore, the threat could be sooner and more realistic than many perceive.

Prepare for Battle
2020 has been an unprecedented year for cyber threats. We've seen cyber attackers in full force, taking advantage of every opportunity and every attack vector possible. Unfortunately, 2021 shows no signs of slowing down; the types of threats and the types of vulnerabilities will continue to evolve in step with new technologies.

Threat intelligence is central to defending against these threat vectors, providing vital information in real time. Visibility will also be critical, particularly at this time when a significant amount of traffic is encrypted and many users are outside the typical network scenario. Examining encrypted traffic puts an enormous strain on a security device, and not all systems are up for the challenge at speed and scale. You may miss critical threats entering your network if you're not prepared. Another piece of the security armor is automated threat detection so that your team can address attacks immediately, not months later.

Start preparing now for the emerging new attack methods, using the tools and strategies that will empower your team to defeat the negative aspects of innovations in computing performance.

Derek Manky formulates security strategy with more than 15 years of cyber security experience behind him. His ultimate goal is to make a positive impact in the global war on cybercrime. Manky provides thought leadership to industry, and has presented research and strategy ...
 
