Fortinet predicts hackers will leverage self-learning on latest technologies to support their attacks

Posted on Dec 12 2017 - 11:19am by Reynaldo Vicente

Cybersecurity solutions provider Fortinet, through its FortiGuard Labs global research team, predicts the emergence of very destructive and self-learning “Swarm” cyber attacks in 2018, as cybercriminals adopt the latest advances in Artificial Intelligence (AI), Machine Learning and Internet of Things (IoT) to create more effective attacks.

Credit: The Digital Artist | Pixabay

The growth in the production and use of online devices, coupled with the increasing connection of everything – from IoT devices and critical infrastructure to the rise of smart cities – has offered new opportunities for cybercriminals to employ new threats or attacks and exploit new vulnerabilities.

Nap Castillo, regional pre-sales consultant at Fortinet, said hackers will leverage self-learning on the latest technologies, including Artificial Intelligence, Internet of Things and even Internet of Everything, to support their attacks and even come up with more destructive cyberattacks.

Castillo said one of the predictions is that botnets with intelligent clusters of vulnerable devices, or hivenets, will create more effective attack vectors. Hivenets will leverage self-learning in targeting compromised devices at an unprecedented scale so they can talk to each other and take action based on local intelligence that is shared. As a result, hivenets will be able to grow exponentially as swarms, allowing them to widen their ability to simultaneously attack multiple victims and significantly impede mitigation and response. Adversaries will use swarms of compromised devices, or swarmbots, to identify and target different attack vectors all at once, enabling enormous speed and scale. FortiGuard Labs recorded 2.9 billion botnet communication attempts all in one quarter this year, adding some context to the severity of what hivenets and swarmbots could cause.

Cloud service providers and other commercial services with a goal of creating revenue streams are predicted to be the likely next big target of ransomware. The complex, hyperconnected networks that cloud providers have developed can produce a single point of failure for hundreds of businesses, government entities, critical infrastructure, and healthcare organizations. Cybercriminals, as predicted, will begin to combine AI technologies with multi-vector attack methods to scan for, detect, and exploit weaknesses in a cloud provider’s environment. The impact of such attacks could create a massive payday for a criminal organization and disrupt service for potentially hundreds or thousands of businesses and tens of thousands or even millions of their customers.

Next-generation polymorphic malware, created by machines based on automated vulnerability detection and complex data analysis, is coming soon, if not next year. The morphic malware will take on a new face by leveraging AI to create sophisticated new code that can learn to evade detection through machine-written routines. This malware is able to use learning models to evade security, and can produce more than a million virus variations in a day. The increased automation of malware will only make this situation more urgent in the coming year.

Critical infrastructure providers continue to be at the top of the list in terms of risk because they are strategic and state-sponsored, according to Castillo. They run high-value networks but are notoriously fragile as they were designed to be air-gapped and isolated. Due to these networks and the potential for devastating results should they be compromised or knocked offline, these providers are finding themselves in an arms race with cybercriminals, which puts them in a difficult situation.

The Dark Web is expected to evolve, offering new services as Crime-as-a-Service organizations use new automation technology for their offerings. There are advanced services being offered on Dark Web marketplaces that leverage Machine Learning. One example is the FUD (Fully Undetectable) service, which allows criminal developers to upload attack code and malware to an analysis service for a fee. Afterwards, they receive a report on whether security tools from different vendors are able to detect it.

As cybercriminals take advantage of the latest technologies to create effective attacks, Fortinet is addressing this issue by integrating its security technologies to boost security across networks and into the cloud. This effort is called the Fortinet Security Fabric, which integrates network and security technologies into a single architecture to provide actionable threat intelligence, security to different networks, and a configurable security fabric. Fortinet’s security product portfolio includes threat protection, cloud security, app security, enterprise firewall, and secure access.

About the Author

REYNALDO “Rey” R. VICENTE’s career experience involves mostly research in publishing companies. He previously held the position of Research and Events Director of Media G8way Corp., publisher of Computerworld Philippines (CWP), PC World Philippines, and IT Resource. He also handled events organized for CWP. Prior to this, he was a Research Head of a business publication. Now as co-publisher of Upgrade Magazine, Rey also serves as Managing Editor. Rey finished his bachelor’s degree majoring in Economics at the University of Santo Tomas.
