Fortinet today unveiled predictions from the FortiGuard Labs global threat intelligence and research team about the threat landscape for 2021 and beyond.
Derek Manky, Chief, Security Insights & Global Threat Alliances, FortiGuard Labs said, “2020 demonstrated the ability of cyber adversaries to leverage dramatic changes happening in our daily lives as new opportunities for attacks at an unprecedented scale. Going into 2021 and beyond, we face another significant shift with the rise of new intelligent edges, which is about more than just end-users and devices remotely connecting to the network. Targeting these emerging edges will not only create new attack vectors, but groups of compromised devices could work in concert to target victims at 5G speeds. To get out ahead of this coming reality, all edges must be part of a larger, integrated, and automated security fabric platform that operates across the core network, multi-cloud environments, branch offices, and remote workers.”
The Intelligent Edge Is an Opportunity and a Target
Over the past few years, the traditional network perimeter has been replaced with multiple edge environments, WAN, multi-cloud, data center, remote worker, IoT, and more, each with its unique risks. One of the most significant advantages to cybercriminals in all of this is that while all of these edges are interconnected many organizations have sacrificed centralized visibility and unified control in favour of performance and digital transformation. As a result, cyber adversaries are looking to evolve their attacks by targeting these environments and will look to harness the speed and scale possibilities 5G will enable.
• Trojans Evolve To Target the Edge
• Edge-enabled Swarm Attacks
• Social Engineering Could Get Smarter
• Ransoming OT Edges Could Be a New Reality
Innovations in Computing Performance Will Also Be Targeted
Other types of attacks that target developments in computing performance and innovation in connectivity specifically for cybercriminal gain are also on the horizon. These attacks will enable adversaries to cover new territory and will challenge defenders to get ahead of the cybercriminal curve.
• Advanced Cryptomining
• Spreading Attacks from Space
• The Quantum Computing Threat
AI Will Be Critical To Defending Against Future Attacks
As these forward-looking attack trends gradually become reality, it will only be a matter of time before enabling resources are commoditized and available as a darknet service or as part of open-source toolkits. Therefore, it will take a careful combination of technology, people, training, and partnerships to secure against these types of attacks coming from cyber adversaries in the future.
• AI Will Need To Evolve: The evolution of AI is critical for future defence against evolving attacks. AI will need to evolve to the next generation. This will include leveraging local learning nodes powered by ML as part of an integrated system similar to the human nervous system. AI-enhanced technologies that can see, anticipate, and counter-attacks will need to become reality in the future because cyberattacks of the future will occur in microseconds. The primary role of humans will be to ensure that security systems have been fed enough intelligence to not only actively counter-attacks but actually anticipate attacks so that they can be avoided.
• Partnerships Are Vital for the Future: Organizations cannot be expected to defend against cyber adversaries on their own. They will need to know who to inform in the case of an attack so that the “fingerprints” can be properly shared and law enforcement can do its work. Cybersecurity vendors, threat research organizations, and other industry groups need to partner with each other for information sharing, but also with law enforcement to help dismantle adversarial infrastructures to prevent future attacks. Cybercriminals face no borders online, so the fight against cybercrime needs to go beyond borders as well. Only by working together will we turn the tide against cybercriminals.
• Enabling Blue Teams: Threat actor tactics, techniques, and procedures (TTPs), researched by threat intelligence teams, such as threat actor playbooks, can be fed to AI systems to enable the detection of attack patterns. Similarly, as organizations light up heatmaps of currently active threats, intelligent systems will be able to proactively obfuscate network targets and place attractive decoys along attack paths. Eventually, organizations could respond to any counterintelligence efforts before they happen, enabling blue teams to maintain a position of superior control. This sort of training gives security team members the ability to improve their skills while locking down the network.