FortiGuard Predicts Cyberattacks on Crypto Wallets and Satellite Internet

FortiGuard Labs' global threat intelligence and research team has published its predictions for the cyber threat landscape in 2022 and beyond. As work-from-anywhere continues, cyber adversaries are adapting and expanding their attack methods to target new areas for exploitation.

This includes the 5G-enabled edge, the core network, the home, and even satellite internet in space. The forward-looking trends highlight cyber attackers' future strategies, along with tips to help defenders prepare.

Pre-attack Reconnaissance Boosts Ransomware Attacks

When attacks are viewed through an attack chain such as the MITRE ATT&CK framework, they are often discussed in terms of left-hand and right-hand threats. On the left are pre-attack efforts, which include planning, development, and weaponization strategies. On the right is the attack execution phase. According to FortiGuard Labs, cybercriminals will spend more time on reconnaissance and zero-day exploits to increase attack success. Unfortunately, the rising market for Crime-as-a-Service will increase the rate at which new attacks can be launched on the right.

In the future, ransomware will become more destructive as crimeware expands. Attackers combine ransomware with distributed denial-of-service (DDoS) to overwhelm IT personnel, preventing them from taking quick action to limit damage. Adding a “ticking time bomb” of wiper malware that might destroy systems and hardware pressures corporations to pay up faster. Wiper malware has already resurfaced, targeting the Tokyo Olympics. Due to the convergence of cybercriminal attack tactics and advanced persistent threats (APTs), destructive capabilities like wiper malware will soon be added to ransomware toolkits.


Detecting odd behavior that may suggest an attack (typically by botnets) is one way AI is used defensively. Cybercriminals, in turn, employ AI to evade the complex algorithms designed to detect anomalous activities. Deep fakes are an increasing problem because they employ AI to mimic human behavior and can be used to strengthen social engineering attacks. The growing commercialization of innovative applications will also lower the bar for creating deep fakes. These could potentially lead to real-time impersonations across audio and video applications, challenging secure authentication methods like voiceprints or facial recognition.

More Supply Chain Attacks on Targeted Systems: Until recently, Linux was not a key target of the cybercriminal sector. Recently, new malicious binaries targeting Microsoft's WSL (Windows Subsystem for Linux) have been discovered. Also, Linux botnet malware is already being built. This extends the attack surface into the network core and adds to the threats that must be defended against. This affects Linux-based OT devices and supply chains in general.

New Land at the Edge

The expanding number of IoT and OT devices, as well as smart devices powered by 5G and AI, is enabling real-time transactions and applications. As cybercriminals target the entire extended network, new edge-based risks will arise. A new generation of cybercriminals will exploit intelligent edges and increased computing power to develop advanced and devastating threats at an unprecedented scale. New attacks will "live off the edge" as edge devices become more powerful and native capabilities increase. Attacks on OT, especially at the edge, are projected to increase as IT and OT networks merge.

A new edge-based threat is emerging. "Living off the land" allows malware to use existing tools and capabilities within infiltrated environments to disguise attacks and data exfiltration. Domain controllers were used to host the Hafnium attacks on Microsoft Exchange servers. Living-off-the-land attacks work well because they employ legitimate tools. As edge devices become more powerful, with more native capabilities and, of course, more privilege, new attacks may be designed to live off the edge, not just the land. Edge malware can steal, hijack, or even ransom key systems, applications, and information without being noticed.

Attacks on critical infrastructure are now scalable thanks to the dark web. Rather than compete with similar tools, cybercriminals will add OT-based attacks to their portfolios as OT and IT convergence at the edge continues. Ransoming such systems and essential infrastructure may be lucrative, but it may also endanger people's lives and safety. Because networks are becoming more interconnected, nearly any access point might be hacked. Attacking OT systems used to be the domain of more specialized threat actors, but attack kits available on the dark web are increasingly including such capabilities.

A Security Fabric Platform Based on a Cybersecurity Mesh

The perimeter is fractured, and cybersecurity teams generally work in silos. A multi-cloud or hybrid model is also becoming popular. These elements combine to make a perfect storm for cybercriminals. A cybersecurity mesh integrates security measures into and across widely scattered networks and assets. Security Fabrics provide an integrated security platform that protects assets on-premises, in the data center, in the cloud, and at the edge.

Threat prevention, detection, and response will be accelerated by integrating AI and machine learning. Malicious threats can be identified using advanced endpoint technologies like endpoint detection and response (EDR). To protect mobile workers and students, zero-trust network access (ZTNA) is crucial, as is Secure SD-WAN. To reduce breaches to a minimum, segmentation will continue to be a key tactic. As attacks get more sophisticated, organizations need to be able to respond quickly. Inter-sector data sharing and collaboration can improve response times and help anticipate future attacks. Disrupting cybercriminals' supply chains should be a priority.
