
12/22/2020
02:00 PM
Derek Manky
Commentary

Prepare to Fight Upcoming Cyber-Threat Innovations

Cybercriminals are preparing to use computing performance innovations to launch new types of attacks.

The pandemic and the ensuing increase in remote work have given rise to new attack vectors and schemes. One thing 2020 underscored is the opportunistic nature of bad actors. They will grab onto anything they think can help them pull off a cyberattack, even things like phishing campaigns using emails purporting to be from the Centers for Disease Control and Prevention (CDC) and, more recently, preying on election fears. This will continue to evolve. Bad actors will look for new opportunities, including using many of the innovations in computing performance.

For instance, connected smart devices using 5G at the network edge contain incredible intelligence and power. If cybercriminals used that intelligence and power for attacks, they could create a new wave of attacks that could severely drain the compute resources of legacy security systems. Unfortunately, other types of attacks are cresting the horizon that will target developments in computing performance and innovation in telecommunications, specifically for cybercriminal gain. These new attack types will enable adversaries to cover new territory and present defenders with the difficult job of getting ahead of the cybercriminal curve well in advance. Three such areas where we expect to see increasing attacks include cryptomining, space, and quantum computing. 

Advanced Cryptomining Will Gain Traction
For the past few years, cryptomining has steadily become a strategy for cybercriminals looking for a safe and reliable way to earn ill-gotten gains. It's a rather complicated process by which someone uses a computer's processing resources to verify blockchain transactions.

If cybercriminals want to scale future attacks using machine learning and artificial intelligence (AI) capabilities — and they do — processing power is important. Eventually, by compromising edge devices for their processing power, cybercriminals will be able to process massive amounts of data and learn more about how and when edge devices are used. It could also make cryptomining more effective.

When infected PCs are being hijacked for their compute resources, IT security teams can often identify it quickly because CPU usage directly impacts the end user's workstation experience. However, compromising secondary devices would be much less noticeable.

Spreading Attacks From Space
Cybercriminals find enticing targets in the connectivity of satellite systems and telecommunications. As new communication systems scale and begin to rely more on networks of satellite-based systems, cybercriminals could target this convergence.

Consequently, attackers could compromise satellite base stations and then spread that malware through satellite-based networks. This would give attackers the ability to potentially target millions of connected users at scale or inflict distributed denial-of-service (DDoS) attacks that could impede vital communications. The federal government sees this as a credible threat and has started preparing for it, building up cybersecurity personnel and technical capabilities as systems become increasingly vulnerable.

The Quantum Threat
Quantum computing is another upcoming challenge. It could create a new cyber-risk when it eventually becomes capable of challenging the effectiveness of data encryption. The massive compute power of quantum computers could render asymmetric encryption algorithms obsolete. Consequently, organizations will need to shift to quantum-resistant computing algorithms using the principle of crypto agility to protect data integrity.

A viable quantum computer is still a ways off, but no one knows exactly when it will arrive. According to NIST, the first quantum computer that could pose a threat to the algorithms currently used to produce encryption could be built by 2030. Organizations need to start preparing now, because you can be certain that the bad actors aren't waiting. And although the average cybercriminal will not have access to quantum computers, nation-states will. Therefore, the threat could be sooner and more realistic than many perceive.

Prepare for Battle
2020 has been an unprecedented year for cyber threats. We've seen cyber attackers in full force, taking advantage of every opportunity and every attack vector possible. Unfortunately, 2021 shows no signs of slowing down; the types of threats and the types of vulnerabilities will continue to evolve in step with new technologies.

Threat intelligence is central to defending against these threat vectors, providing vital information in real time. Visibility will also be critical, particularly at this time when a significant amount of traffic is encrypted and many users are outside the typical network scenario. Examining encrypted traffic puts an enormous strain on a security device, and not all systems are up for the challenge at speed and scale. You may miss critical threats entering your network if you're not prepared. Another piece of the security armor is automated threat detection so that your team can address attacks immediately, not months later.

Start preparing now for the emerging new attack methods, using the tools and strategies that will empower your team to defeat the negative aspects of innovations in computing performance.

Derek Manky formulates security strategy with more than 15 years of cyber security experience behind him. His ultimate goal is to make a positive impact in the global war on cybercrime. Manky provides thought leadership to industry, and has presented research and strategy ...
 
