Fidelity bank banner UBA banner
Cyber security: The winner takes it all

By News Express on 18/02/2018

Share on facebook Yahoo mail icon Gmail icon Share on Google+

Views: 691

•Networks Unlimited MD Anton Jacobsz
•Networks Unlimited MD Anton Jacobsz

 It is pretty much a given that the majority of people have their personal information documented somewhere in virtual space. This data has been captured in many forms and bits and bytes through online transactions, social engagement, studies, business and work, shopping, medical treatments, and also through play (such as answering those fun personality quizzes on Facebook, for example, or by gaming). The thing is though, to live, survive and cope in this world, internet users are arguably forced to put their trust into the custodians of their data to keep it safe, accessible at any time from anywhere and, of course, on a multiple of devices and platforms.

So, unless your aim is to hide from civilisation, it is essential that businesses and individuals know all the risks and how to prevent them.

“Personal information is boosting the phenomenal innovations happening in the AI, machine learning and deep learning spaces,” says Anton Jacobsz, managing director at value-added distributor, Networks Unlimited. “But, where there is a door in to reach this info, there is also the danger of cyber criminals slipping through keyholes and squeezing in under doorframes, all with the basic aim of using data maliciously. Of course, the more machines that are connected – think Internet of Things (IoT) and all things smart: cars, homes, mobile devices, industry machines, utilities, and more – the more widespread the potential cybercrime infestation and destructive aftermath becomes.”

A blog published by Fortinet, securers of the largest enterprise, service provider, and government organisations around the world, and whose solutions are channelled into Africa by Networks Unlimited, states: “The cybercriminal marketplace is adept at adopting the latest advances in areas such as artificial intelligence to create more effective attacks.”

The blog highlights that Fortinet expects this trend to accelerate into 2018, enabling additional destructive trends.

“All users of the Internet should take heed of these trends,” Jacobsz emphasises.

These trends, in summary, are:

The rise of hivenets and swarmbots

“… it is easy to predict that cybercriminals will eventually replace botnets built with mindless zombie devices with intelligent clusters of compromised devices to create more effective attacks. This would be a hivenet instead of a botnet. It would be able to use millions of interconnected devices, or swarmbots, to simultaneously identify and tackle different attack vectors, enabling attacks at an unprecedented scale,” explains the blog. “Such hivenets are especially dangerous because, unlike individual zombies, individual swarmbots are smart. They are able to talk to each other, take action based on shared local intelligence, use swarm intelligence to act on commands without the botnet herder instructing them to do so, and recruit and train new members of the hive. As a result, as a hivenet identifies and compromises more devices it will be able to grow exponentially, and thereby widen its ability to simultaneously attack multiple victims.”

Ransom of commercial services is big business

“The next big target for ransomware is likely to be the ransom of commercial services such as cloud service providers. The financial opportunities are clear. Cloud computing is expected to grow to USD162 billion by 2020, with a compound annual growth rate (CAGR) of 19 percent. In addition, successfully taking down a cloud provider is a one-to-many opportunity. The complex, hyperconnected networks that cloud providers have developed can produce a single point of failure for dozens or even hundreds of businesses. (Think Mirai taking out a DNS hosting provider),” states the blog. Further, it warns, “Cloud services are centralised and present a huge potential attack surface. Rather than hacking businesses individually, criminals that are able to infiltrate a single cloud environment would potentially have access to data from dozens or hundreds of organisations, or be able to wipe out an entire range of services with a single attack.

“And it’s not just businesses that would be affected. Government entities, critical infrastructure, law enforcement, healthcare, and a wide range of industries of all sizes all use the cloud – and many of them use the same cloud provider. If a cyberterrorist is able to take down a single major cloud service provider, the implications could be devastating.”

Next-gen morphic malware.

The blog also predicts that adversaries will begin to leverage automation and machine learning in their attack tactics, techniques, and procedures (TTP). “Current polymorphic malware, for example, has been around for decades. It already uses pre-coded algorithms to take on a new form to evade security controls, and can produce more than a million virus variations per day. But so far, this process is just based on an algorithm, and there is very little sophistication or control over the output,” it continues. “Next-gen polymorphic malware built around AI, however, will be able to spontaneously create entirely new, customised attacks that will not simply be variations based on a static algorithm. Instead, they will employ automation and machine learning to design custom attacks to quickly compromise a targeted system and effectively evade detection. The big difference is the combination of discipline and initiative.”

Critical infrastructure to the forefront

“Most critical infrastructure and OT networks are notoriously fragile, and originally designed to be air-gapped and isolated. But the need to respond at digital speeds to employee and consumer demands has begun to change that, making everything exposed (look at cloud-enabled SCADA services.) Applying security as an afterthought once a network designed to operate in isolation is connected to the digital world is rarely very effective,” notes the blog. “Because of the high value of these networks, and the potential for devastating results should they be compromised or knocked offline, critical infrastructure and healthcare providers are now finding themselves in an arms race with cybercrime organisations. This puts them in a difficult position because while they need to trust new connected systems that provide both increased intelligence and security in order to survive, the risks are real.”

The dark web and cybercrime economy offer new services using automation

“We expect to see new service offerings from the dark web as Crime-as-a-Service organisations use new automation technology for their offerings. We are already seeing advanced services being offered on dark web marketplaces that leverage machine learning. For example, a service known as FUD (fully undetected) is already part of several offerings. This service allows criminal developers to upload attack code and malware to an analysis service for a fee. Afterwards, they receive a report as to whether security tools from different vendors are able to detect it,” the blog points out, and also observes that “Infected machines leveraging Coinhive is a latest example – browser plugins that infect end-user machines to hijack their CPU cycles to mine for virtual currency. This process is rapidly accelerating the time from concept to delivery of new malware that is both more malicious and more difficult to detect and stop. Once true AI is integrated into this process, offense vs defence (time to breach vs time to detect/ protect) will be reduced to a matter of milliseconds rather than the hours or days it does today.”

Jacobsz remarks that phenomenal innovation in digital has led to many positive elements in both business environment and personal life. “Unfortunately, it has also given opportunity to criminal acts that only a few decades – sometimes as short as a year – were unheard of. As such, each innovation needs to be seen from every possible angle – both the good and the bad, in order to provide users with the finest and most secure solution.”

This essentially means that security intelligence, automation and innovation needs to be as fast and on par with every digital innovation – it’s a big and challenging job, but as the blog concludes: “Like it or not, this is a winner-takes-all scenario. Organisations that fail to prepare now may not be able to catch up once it moves to the next level of sophistication.”

Source News Express

Posted 18/02/2018 09:56:42 AM

 

Share on facebook Yahoo mail icon Gmail icon Share on Google+


 

CLASSIFIED ADS

 

You may also like...
No N75bn cash handed over by Peter Obi...

Olu of Warri’s exit painful, says Saraki

6 arrested for kidnapping along Abuja-Kaduna Road

IFJ demands justice for murdered journalist

Man cheated in ransom sharing by gang after...

Bill Gates to pay Nigeria’s $76m debt

Army recalls over 3,000 soldiers sacked in connection...

Prepare in advance for challenges of doing business...

Politics of the stomach: Fayose shares 30,000 bags...

Nutritionist identifies evils of malnutrition

INEC plotting to rig Imo senatorial re-run election...

Judiciary: Why corrupt Judges should be jailed —Activists...

 

Latest News British PM Theresa May survives vote of confidence 2019: Agbaje lashes Sanwo-Olu; insists Lagosians in bondage, need liberation Why there will be no peace in APC: Communications Minister Adebayo Shittu Cashier, wife, mother-in-law docked for bank fraud APC, Presidency designing plots to frustrate PDP governors: Secondus Whistle blowers charged with conspiracy to rob Gov. Dickson to remain in prison Police most violator of human rights, survey finds DTSG assures of effective healthcare coverage Sack Tambuwal from office, APC begs S’Court NPA concessions Terminal B, Warri Old Port FG blames N’Assembly for delay in 2019 Budget presentation Kaduna Polytechnic joins ASUP strike

 

Most Read NUDE PHOTO OF OMOTOLA JALADE-EKEINDE surfaces online (429,913 views) Nigerian female sex addict opens up, says ‘I like it with both men and women’ (394,851 views) Shameless Genevieve Nnaji exposes breasts in public (327,723 views) Finally named: The full list of friends of Nigerian female sex addict who prowled Facebook (281,150 views) OLUMBA OLUMBA OBU (the one who called himself God) IS DEAD (247,847 views) Igbo scholar disgraces Femi Fani-Kayode •Demolishes claims on Igbo/Yoruba history with facts and figures (229,277 views) Breaking News: POPULAR REVEREND CONVERTS TO ISLAM in Kaduna (Nigeria) (212,126 views) OBJ’s son reported dead in Lagos plane crash •Names of more victims emerge (193,333 views) My wasted years in Olumba Olumba Obu’s Evil Brotherhood (179,621 views) THE FINAL DISGRACE: Igbo scholar unleashes more facts about Igbo/Yoruba history, finishes off Femi Fani-Kayode with second article (170,463 views) Lagos plane crash: Journalist releases victims’ names (167,246 views) Gunmen kill ASP, 2 other police officers in vain bid to kidnap Rivers PDP chieftain (153,704 views)

 

Zenith Zero Balance First Bank chat banking

 

Categories Advertorials (3) African Press Organisation (81) Art & Literature (76) Business & Economy (3,875) Business Verdict (54) Columnists (973) Complaints & Requests (95) Enterprise & Opportunities (208) Entertainment (575) Features (679) Global Business Monitor (313) International (2,814) Interview (167) Live Commentary (28) Love Matters (146) Maggie's Blog (69) News (41,381) Opinion (1,151) Pidgin (13) Politics (8,147) Religion (913) Sports (1,817) Stock Watch (35) AMA & Al Jazeera Global Update

 

 

 

 

APO Group Partner

 

 

CLASSIFIED ADS

GOCOP Accredited Member

GOCOP Accredited member

 

 

Africa Media Agency and Al Jazeera