16 Feb The Cyber Security Arms Race

Each year kicks off with the release of trends and figures stating the increasing volume and sophistication of cyber-attacks. We’ve seen organised crime prosper through illegal offerings such as Ransomware as a Service (RaaS) platforms and DDoS-for-hire services, and anonymous Crypto currencies are providing an easy form of payment for these services, and the ransoms demanded.

Cybercrime has been estimated to cost USD$6 Trillion per year by 2021, driving businesses to invest more into their cyber security capabilities, to defend against attacks as well as help mitigate the costs of a potential breach. The increase in cybercrime, and resulting investment to improve defences, is driving strong investment into innovative technical controls incorporating Artificial intelligence (AI). Machine Learning, an application of AI, is being applied to improve Malware detection, network traffic analysis and intrusion detection.

Just as the advancements in technologies help security professionals identify and neutralise potential threats more effectively, it also provides the tools for hackers to undertake larger, more complex attacks. And these attacks are evolving faster than our defences can keep up. An example of Machine Learning used in the development of Malware was presented early last year, with the authors of a published paper describing how they were able to build a generative adversarial network (GAN) based algorithm to generate adversarial malware able to bypass machine-learning-based detection systems.

Further to the threat of Malware, 2018 comes with the prediction of the rise of self-learning Hivenets. Hivenets are intelligent clusters of compromised devices leveraging machine learning to identify and target vulnerable systems. Hivenets are able to act on commands without human interaction, delivering automated and unprecedented attacks.

Because of the continuing advancements and investment into Cyber Security, cyber defences are and will continue to be more effective. Unfortunately, the same holds true for cyber-attacks. Ransomware alone is estimated to be a billion-dollar a year industry and with anonymous forms of payment, the economics of cyber-attacks are heavily weighted in favour of the attacker.

The evolving threat landscape highlights the importance for custodians of data to remain vigilant. The use of even the most advanced technical controls should be viewed as one line of defence. Policies and procedures need to be implemented, and followed, to mitigate risks and the impact of a potential breach, and investment into employee training and attack simulations are key to mitigating against today’s threats.

by Nick Sharp, Business Development Manager at Sense of Security