Personal tools
 

Cybersecurity Threats and Attacks

Washington State_111220A
[Washington State - Forbes]
  

- Overview

In the more than 20 years since the attacks of September 11, 2001, artificial intelligence (AI) and machine learning (ML) have evolved from experimental technologies to important components of U.S. national security strategy. 

They are not just tools; They are force multipliers that increase the efficiency and impact of human operators and decision-makers. However, as we move forward, striking the right balance between technological innovation and ethical responsibility remains critical. 

Continued leadership from leaders in the military, intelligence community, industry, and academia is critical to shaping the future role of AI in defending the nation, allowing us to learn from the past and prepare to address the complex security challenges of the future.

 

- Types of Cybersecurity Threats

Cybersecurity threats are malicious activities that can include:

  • Ransomware: A serious threat to businesses of all sizes, ransomware attacks infect a network and lock down data and computer systems until a ransom is paid.
  • Malware: A broad category of programs and code that can cause damage or provide unauthorized access. Malware is one of the most common types of cybersecurity threats.
  • Social engineering: A hazardous threat that involves misleading a person rather than compromising a security system. 85% of data breaches involve human interaction.
  • Cloud breaches: Hackers can access company data stored in the cloud, resulting in security breaches including data loss, data leakage, and account hijacking.

 

Other types of cybersecurity threats include:

  • Phishing
  • Denial of service (DoS) attacks
  • Software supply chain attacks
  • Advanced persistent threats (APT)
  • Distributed denial of service (DDoS)
  • Man-in-the-middle attack (MitM)
  • Password attacks
  • SQL Injection
  • Cross-Site Scripting (XSS)
  • Whale-Phishing Attacks

 

- Future Threats to Cyber Security

Cybersecurity is the practice of protecting systems, networks, and programs from digital attacks. These attacks are usually aimed at accessing, changing, or destroying sensitive information; extorting money from users; or interrupting normal business processes. IoT security focuses on protecting your Internet-enabled devices that connect to each other on wireless networks. 

Implementing effective cybersecurity measures is particularly challenging today because there are more devices than people, and attackers are becoming more innovative.Three trends to focus on include (a) the expanding cyber-attack surface (remote work, IoT supply chain), (b) Ransomware as a cyber weapon of choice, (c) threats to critical infrastructure via ICS, OT/IT cyber-threat convergence. IoT security is the safety component tied to the Internet of Things, and it strives to protect IoT devices and networks against cybercrime.  

For example, by 2025, it is estimated that there will be more than to 21 billion IoT devices. Cybercriminals will continue to use IoT devices to facilitate DDoS attacks. In 2016, the world was introduced to the first “Internet of Things” malware - a strain of malicious software that can infect connected devices such as DVRs, security cameras, and more. 

The malware accessed the devices using default password and usernames. The malware turned the affected devices into a botnet to facilitate a Distributed Denial of Service (DDoS) attack, which aims to overwhelm websites with internet traffic. The attack ended up flooding one of the largest website hosting companies in the world, bringing a variety of major, well-known websites and services to a halt for hours. 

AI is changing the game for cybersecurity, analyzing massive quantities of risk data to speed response times and augment under-resourced security operations. AI technologies like machine learning and natural language processing enable analysts to respond to threats with greater confidence and speed. 

Cognitive security combines the strengths of AI and human intelligence. Cognitive AI learns with each interaction to proactively detect and analyze threats, providing actionable insights to security analysts for making informed decisions - with speed and accuracy.

 

- Future Big Data and Cybersecurity

As technology continues to grow, so does cyber threats, the volume will continue to grow. One example that can be used is big data. Many companies will depend on big data. Widespread mobile adoption has led to the emergence of social networking, which produces more data. 

The data will eventually be used for research and marketing needs. But often they don't realize that many cyber criminals also want the data. When the data is successfully obtained by cyber criminals. It will have an impact and is terrible.

The future of cybersecurity will center around industry adoption of 5G networks. 5G technology will enable billons of new devices to be connected to the Internet – with more speed, density and efficiency than ever seen before. Therefore, 5G will result in a rise in cybersecurity concerns as hackers are provided greater access to entire networks of connected ‘Things' – from remote sensors to self-driving cars and smart devices in supply chains worldwide.

With the explosion of connected technologies in the past few years, industrial control systems are the wild-west of cybersecurity at the moment. These systems control factories, buildings, utilities, etc. Unfortunately, most systems have little-to-no protection, and best practices are still being adopted very slowly. They also represent extremely high-value targets, especially from a strategic point of view. 

A few new companies have entered the landscape, but it is still an extremely young industry. Companies need to adjust their strategies to make sure IoT and industrial control systems are protected.

 

- Future AI and Cybersecurity

The attack on the open internet has been persisting globally. In the upcoming years, the power of quantum computing and artificial intelligence would take over the world. AI and quantum computing are the two developments that will have a huge impact on everyone in the future. Many machines are now capable of copying what humans can do. 

Surprisingly, some tools can even do tasks better than a normal person. This is what AI does since many activities are considered complicated, the machine is assigned to do them. If it can do good for humans, there are also some bad impacts that AI could produce.

Today, it’s impossible to deploy effective cybersecurity technology without relying heavily on machine learning. At the same time, it’s impossible to effectively deploy machine learning without a comprehensive, rich and complete approach to the underlying data. The future of cybersecurity will have a heavy focus on using machine learning to secure devices and systems in the increasingly connected world. 

With the Internet of Things (IoT) and connected devices proliferating at such an incredible rate, the ways in which we leave ourselves exposed to potential cyber attacks are also increasing. Legacy systems simply do not have the capabilities to keep up with the evolving security threats, and relying solely on human oversight would prove woefully inadequate. 

The future of cyber security lies with AI-drive anti-malware tools, and next-gen firewalls that learn and detect new threats as they evolve as well. Capable automated systems that can monitor, detect, manage, and prevent cyber attacks in real time will be what drives cybersecurity going forward.  

The future of cyber security practice is very bright! As software systems and applications get more complex, the potential for cyber vulnerabilities and gaps will increase exponentially. Furthermore, as more and more high-value information (such as health information, contract data, financial data, etc.) is collected, stored and shared through connected cyber environments over the next decade and beyond, the need for cyber security expertise will explode to combat the expected concurrent increase in cyber hacking and criminal activity.

 

Hanging Train_072322A
[Hanging Train, Wuppertal, Germany]

- Wireless 5G and Beyond Require New Approaches To Cybersecurity

Wireless 5G will be a physical overhaul of our essential networks that will have decades-long impact. Because 5G is the conversion to a mostly all-software network, future upgrades will be software updates much like the current upgrades to your smartphone. 

Because of the cyber vulnerabilities of software, the tougher part of the real 5G “race” is to retool how we secure the most important network of the 21st century and the ecosystem of devices and applications that sprout from that network.  

Never have the essential networks and services that define our lives, our economy, and our national security had so many participants, each reliant on the other - and none of which have the final responsibility for cybersecurity. The adage “what’s everybody’s business is nobody’s business” has never been more appropriate - and dangerous - than in the quest for 5G cybersecurity.

The new capabilities made possible by new applications riding 5G networks hold tremendous promise. As we pursue the connected future, however, we must place equivalent - if not greater - focus on the security of those connections, devices, and applications. To build 5G on top of a weak cybersecurity foundation is to build on sand. This is not just a matter of the safety of network users, it is a matter of national security.

In a world of interconnected networks, devices, and applications, every activity is a potential attack vector. This vulnerability is only heightened by the nature of 5G and its highly desirable attributes. The world’s hackers (good and bad) are already turning to the 5G ecosystem, including key parts of the 5G ecosystem such as: aviation, automobiles, infrastructure control systems, privacy, retail call centers and help desks, hardware in general, drones, IoT, and voting machines.

 

- Tactics, Techniques and Procedures (TTPs)

Tactics, Techniques and Procedures (TTPs), an essential concept in cybersecurity, describes the behavior of a threat actor or group. In cybersecurity, tactics refer to high level descriptions of behaviors threat actors are trying to accomplish. For example, initial access is a tactic a threat actor would leverage to gain a foothold in your network. Techniques are detailed descriptions about the behavior or actions that lead up to the tactic. 

For example, a technique to gain initial access could be phishing.  Procedures are technical details or directions about how a threat actor will leverage the technique to accomplish their objective. For example, procedures about a phishing attack would include the order of operations or phases of the campaign. This could include details about the infrastructure to send malicious emails, who they are targeting, and if they use malspam that contains a link or an attachment.

 

[More to come ...]

 

 

Document Actions