Cybersecurity trends 2018: war between AI of the good and the evil

Tarun Kaura Symantec  

As 2018 approaches with machine learning and artificial intelligence emerging as the top tech trends, Symantec believes cyber criminals also will make use of these technologies to launch more powerful attacks.

Here’s a summary of Symantec analysis of the security market and predictions for 2018, as given by Tarun Kaura, director – Product Management, APJ, Symantec:

Blockchain will find applications outside cryptocurrency with the help of IoT; however, there will be increased security breaches around the existing technologies, wherein cyber criminals will compromise coin-exchanges and users’ coin-wallets since these are the easiest targets, and provide high returns. Another way to launch the assault is to install coin miners on user computers and mobile devices, handing their CPU and electricity over to cyber criminals.

The coming months will see war between AI for the good and AI for the evil. Cyber criminals will use AI to attack and explore victims’ networks, which is typically the most labor-intensive part of compromise after an incursion.

Supply chain attacks are found to moving to the cybercriminal space, and becoming mainstream with the help of human intelligence and AI.With publicly available information on suppliers, contractors, partnerships and key-people, cyber criminals can find victims in the supply chain and attack the weakest link. With a number of high profile successful attacks in 2016 and 2017, cyber criminals will focus on this method in 2018.

File-less and file-light malware will target organizations with less defense mechanisms against these. With fewer Indicators of Compromise (IoC), use of the victims’ own tools, and complex disjointed behaviours, these threats have been harder to stop, track and defend against in many scenarios, Symantec notes. Although these malware will still be outnumbered by orders-of-magnitude as traditional style malware, they will pose a significant threat and lead to an explosion in 2018.

As more organizations turn to Security-as-a-Service (SaaS), the security of this service will pose another challenge to organizations because access control, data control, user behaviour and data encryption vary significantly between SaaS apps.

Among the malware detected so far, financial Trojans are found to cause more loss.  Today the move to mobile application-based banking has curtailed some of the effectiveness, so cyber criminals are now moving their attacks to these platforms. Cyber criminals’ profits from financial Trojans are expected to grow, giving them higher gains as compared to Ransomware attacks.

Expensive connected home devices such as smart TVs, smart toys and smart appliances will be held to ransom. Users are generally not aware of the threats to these devices, making them an attractive target for cyber criminals.

Another serious threat that Symantec forecasts is related to IoT devices. The security vendor predicts many exploitation and hijacking in combination with DDoS attacks will continue to occur as happened in 2017. They will continue exploiting the poor security settings and management of these devices in homes.

Beyond DDoS attacks and ransomware, home IoT devices will be compromised by cyber criminals to provide persistent access to a victim’s network. Persistent access means that no matter how many times a victim cleans their machine or protects their computer, the attacker will always have a backdoor into victims’ network and the systems that they connect to.

Rajani Baburajan

editor@infotechlead.com