Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

5/22/2017
12:09 PM
Connect Directly
Twitter
LinkedIn
Google+
RSS
E-Mail
50%
50%

Emerging Threats to Add to Your Security Radar Screen

The cybersecurity threat landscape is poised to grow in size and complexity - what to look out for.

As security pros scramble to defend against today's threats as well as a new wave of attacks such as the WannaCry ransomware worm, emerging technologies and determined cybercriminals are poised to make cyber-defense even more complex.

Machine learning and the Internet of Things aren't new terms, but they're new to the workplace. As more businesses adopt advanced systems, they'll find themselves vulnerable to a broader range of security threats. The geopolitical landscape will also drive security risk as nation-states target foreign adversaries without fear of punishment.

At last week's Interop ITX conference in Las Vegas, security experts discussed the implications of current and future threats. Here are what they identified as the next big threats for enterprises:

The Internet of Things

IoT poses a tremendous security threat as users and devices become increasingly connected. The problem is, it's so new that many people haven't begun to worry about it.

"I was blown away to hear most people don't think that's really a thing yet," said Dawn-Marie Hutchinson, executive director for the office of the CISO at Optiv, of the IoT during her Interop presentation on securing enterprise infrastructure.

The pressure to build for the IoT has already started. Companies rushing to cash in on the demand for connected products are churning out "smart" appliances, accessories, and other gadgets faster than they can secure them. Most people don't bother to take precautions like changing default passwords, an oversight that's leaving them vulnerable.

"We're racing for innovation and disruption … but just because you can, doesn't mean you should," says Cheryl Biswas, a cybersecurity consultant for threat intelligence at KPMG. "We don't need any of this stuff, but we are making it."

The competition is driving an influx of Internet-connected devices built without basic security measures, and businesses and consumers will be at risk as flaws are discovered and exploited. The implications of poor IoT securitywere underscored with last year's Mirai botnet attacks and the Persirai botnet discovered earlier this month.

FireEye CEO Kevin Mandia says attack strategies will continue to change and may evolve to the point where attackers will begin to exploit user trust. Human communication will "become the backbone for how we control devices," he says.

"With wearable devices, all will be cloud-based, as we'll all have physiology combined with technology, combined with the Internet," Mandia continues. "Money, identity, everything will be part of the devices that you carry."

Machine Learning

Today's criminals may find success with quick-and-easy attacks, but look for them to experiment with advanced techniques as machine learning and artificial intelligence as these technologies slowly pervade our everyday lives through Alexa, Amazon Echo, search results, and other instances.

The information that machine learning systems derive from rules, heuristics, signatures, and people will soar into the billions of pieces of information, according to Mandia. If the good guys are using it, we can bet the bad guys will use it, too.

Future attackers will exploit peoples' reliance on machine learning and ignorance of how it generates results. Many users don't take time to understand the processes behind these systems, instead trusting machine learning algorithms to find the shortest path to a result.

"Machine learning accepts what it's given, and there's no transparency into what went into a decision or model," explains Anomali VP of product management Anthony Aragues.

He anticipates this will fuel the rise of "adversarial machine learning," where attackers enter false information into systems to generate bad results. This could be used to disrupt services like facial recognition, as well as to misdirect people and conduct other attacks that abuse user trust in machine learning to target victims.

Nation-states

The risk of nation-state cyberattacks will also evolve amid today's geopolitical landscape. We're at the beginning of an age when "we'll miss data breaches," said Paul Kurtz, TruSTAR cofounder and CEO, during a talk on nation-state attacks at last week's Interop conference.

"Everything we've seen so far … is nothing," he continued, explaining how nation-state attacks will lead to more serious damage like incapacitated systems. These threats are so complex because adversaries share tools and strategies, and attacks are collaborative and automated.

Kurtz explained how adversaries like Russia and China are considered major powers because they have the influence to threaten victims "in an existential way." Regional powers North Korea and Iran pose less of an immediate danger but are still a growing concern.

"We're always on defense in cybersecurity," FireEye's Mandia said of the rise in nation-state threats during his Interop keynote. Foreign adversaries don't need complex tactics; many exploit human trust. More than 90% of attacks FireEye investigates began with spearphishing.

Mandia noted FireEye is responding to more state-sponsored intrusions than financially motivated attacks. The rise in nation-state threats is partly due to a lack of punishment: there are no risks or repercussions to hackers, he continued.

"It'll be about money, it'll be about influence, it'll be about espionage," said Mandia of future attacks.

What to do about it

"With the IoT, it's basically everyday things becoming digital," said Daniel Miessler, director of advisory services at IOActive, during his Interop presentation on IoT security. "The problem is, businesses depend on those everyday things."

He advised businesses adopting IoT take the time to conduct risk assessments before implementing products. Ask the questions: What data is being captured, and via what sensors? Where is it sent? How is it stored?

Those who use machine learning should not accept that a "magic algorithm" is producing good results, says Aragues. Take the time to understand how these systems work and interpret data so you can recognize and respond when something is suspicious.

On a consumer level, we need to emphasize basic security steps and explain the risks to users, says IBM Security's global executive security advisor Diana Kelley. Cyberattacks will become more disruptive as we depend more on software and connectivity, she predicts.

"The key is making security accessible," she says. "We need to help people help themselves."

Related Content:

Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
Mobile Banking Malware Up 50% in First Half of 2019
Kelly Sheridan, Staff Editor, Dark Reading,  1/17/2020
Exploits Released for As-Yet Unpatched Critical Citrix Flaw
Jai Vijayan, Contributing Writer,  1/13/2020
Microsoft to Officially End Support for Windows 7, Server 2008
Kelly Sheridan, Staff Editor, Dark Reading,  1/13/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
[Just Released] How Enterprises are Attacking the Cybersecurity Problem
[Just Released] How Enterprises are Attacking the Cybersecurity Problem
Organizations have invested in a sweeping array of security technologies to address challenges associated with the growing number of cybersecurity attacks. However, the complexity involved in managing these technologies is emerging as a major problem. Read this report to find out what your peers biggest security challenges are and the technologies they are using to address them.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-7227
PUBLISHED: 2020-01-18
Westermo MRD-315 1.7.3 and 1.7.4 devices have an information disclosure vulnerability that allows an authenticated remote attacker to retrieve the source code of different functions of the web application via requests that lack certain mandatory parameters. This affects ifaces-diag.asp, system.asp, ...
CVE-2019-15625
PUBLISHED: 2020-01-18
A memory usage vulnerability exists in Trend Micro Password Manager 3.8 that could allow an attacker with access and permissions to the victim's memory processes to extract sensitive information.
CVE-2019-19696
PUBLISHED: 2020-01-18
A RootCA vulnerability found in Trend Micro Password Manager for Windows and macOS exists where the localhost.key of RootCA.crt might be improperly accessed by an unauthorized party and could be used to create malicious self-signed SSL certificates, allowing an attacker to misdirect a user to phishi...
CVE-2019-19697
PUBLISHED: 2020-01-18
An arbitrary code execution vulnerability exists in the Trend Micro Security 2019 (v15) consumer family of products which could allow an attacker to gain elevated privileges and tamper with protected services by disabling or otherwise preventing them to start. An attacker must already have administr...
CVE-2019-20357
PUBLISHED: 2020-01-18
A Persistent Arbitrary Code Execution vulnerability exists in the Trend Micro Security 2020 (v160 and 2019 (v15) consumer familiy of products which could potentially allow an attacker the ability to create a malicious program to escalate privileges and attain persistence on a vulnerable system.