Fortinet® (NASDAQ: FTNT), the global leader in high-performance cybersecurity solutions, today unveiled predictions from the Fortinet FortiGuard Labs global research team about the threat landscape for 2018. The trends reveal the methods and strategies that cybercriminals will employ in the near future and demonstrate the potential impact of cyberattacks to the global economy. For a detailed view of the 2018 predictions visit our blog. Highlights of the predictions follow:

 

Digital Transformation Being Used for Good and Bad

 

Over the next couple of years, we will see the attack surface continue to expand while broad visibility and control over today’s infrastructures diminish. The proliferation of online devices accessing personal and financial information, and the growing connection of everything – from armies of IoT devices and critical infrastructure in cars, homes, and offices, to the rise of smart cities – have created new opportunities for cybercriminals and other threat actors. The cybercriminal marketplace is adept at adopting the latest advances in areas such as artificial intelligence to create more effective attacks. We anticipate this trend to accelerate into 2018, enabling the destructive trends mentioned below.

  • The Rise of Self-learning Hivenets and Swarmbots: Building on sophisticated attacks like Hajime and Devil’s Ivy or Reaper, we predict that cybercriminals will replace botnets with intelligent clusters of compromised devices called hivenets to create more effective attack vectors. Hivenets will leverage self-learning to effectively target vulnerable systems at an unprecedented scale. They will be capable of talking to each other and taking action based off of local intelligence that is shared. In addition, zombies will become smart, acting on commands without the botnet herder instructing them to do so. As a result, hivenets will be able to grow exponentially as swarms, widening their ability to simultaneously attack multiple victims and significantly impede mitigation and response. Although these attacks are not using swarm technology yet, because they have the footprint in their code, adversaries could convert it to act with more self-learning behavior. Adversaries will use swarms of compromised devices, or swarmbots, to identify and target different attack vectors all at once enabling enormous speed and scale, but where the speed of development removes predictability needed to combat attack. FortiGuard Labs recorded 2.9 billion botnet communications attempts all in one quarter earlier this year, adding some context to the severity of what hivenets and swarmbots could cause.
  • Ransom of Commercial Services is Big Business: Although the threat magnitude of ransomware has already grown 35X over the last year with ransomworms and other types of attacks, there is more to come. The next big target for ransomware is likely to be cloud service providers and other commercial services with a goal of creating revenue streams. The complex, hyperconnected networks cloud providers have developed can produce a single point of failure for hundreds of businesses, government entities, critical infrastructures, and healthcare organizations. We predict that cybercriminals will begin to combine AI technologies with multi-vector attack methods to scan for, detect, and exploit weaknesses in a cloud provider’s environment. The impact of such attacks could create a massive payday for a criminal organization and disrupt service for potentially hundreds or thousands of businesses and tens of thousands or even millions of their customers.
  • Next-gen Morphic Malware: If not next year, soon we will begin to see malware completely created by machines based on automated vulnerability detection and complex data analysis. Polymorphic malware is not new, but it is about to take on a new face by leveraging AI to create sophisticated new code that can learn to evade detection through machine written routines. With the natural evolution of tools that already exist, adversaries will be able to develop the best possible exploit based on the characteristics of each unique weakness. Malware is already able to use learning models to evade security, and can produce more than a million virus variations in a day. But so far, this is all just based on an algorithm, and there is very little sophistication or control over the output. FortiGuard Labs recorded 62 million malware detections in one quarter in 2017. Out of the millions of malware detections we recorded, we saw 16,582 variants derived from 2,534 malware families. One in five organizations also reported malware targeting mobile devices. The increased automation of malware will only make this situation more urgent in the coming year.
  • Critical Infrastructure to the Forefront: Recently, critical infrastructure providers continue to be at the top of the list in terms of the highest concern due to both strategic and economic threats. These organizations run high-value networks that protect vital services and information. However, most critical infrastructure and operational technology networks are notoriously fragile as they were originally designed to be air-gapped and isolated. The expectation to respond at digital speeds to employee and consumer demands has begun to change the requirements of these networks, driving the need for advanced security on networks that were originally designed to operate in isolation. Given the importance of these networks, and the potential for devastating results if they are compromised or knocked offline, critical infrastructure providers are now finding themselves in an arms race with nation-state, criminal, and terrorist organizations. The boldness of adversaries and the convergence of operational and information technology, makes critical infrastructure security a priority in 2018 and beyond.
  • The Dark Web and Cybercrime Economy Offer New Services Using Automation: As the world of cybercrime evolves, so does the dark web. We expect to see new service offerings from the dark web as Crime-as-a-Service organizations use new automation technology for their offerings. We are already seeing advanced services being offered on dark web marketplaces that leverage machine learning. For example, a service known as FUD (Fully Undetectable) is already part of several offerings. This service allows criminal developers to upload attack code and malware to an analysis service for a fee. Afterwards, they receive a report as to whether security tools from different vendors are able to detect it. To shorten this cycle, we will see more machine learning used to modify code on the fly based on how and what has been detected in the lab in order to make these cybercrime and penetration tools more undetectable. Sandbox tools bolstered with machine learning, allow us to quickly identify previously unseen threats and dynamically create protections. There is no reason why this same approach couldn’t be automated and used in the other direction for mapping networks, finding attack targets, determining where those attack targets are weak, or blueprinting a target to conduct a virtual penetration test and then building and launching a custom attack.

 

“Our digital economy is powered by technology innovation that creates an opportunity for good and bad in cybersecurity. The proliferation of online devices and the hyperconnectivity of today has created a criminal playground that is increasingly difficult to secure. At the same time, adversaries are leveraging automation and artificial intelligence at an unfathomable pace and scale across the ever-expanding attack surface. Attacks like WannaCry and NotPetya foreshadow the massive disruptions and economic impacts possible in our near future, resulting from the ransom and disruption of commercial services or intellectual property. Fabric-based security approaches that leverage the power of automation, integration, and strategic segmentation are critical to combat the highly intelligent attacks of tomorrow” said by Derek Manky, Global Security Strategist, Fortinet

 

Staying Ahead of the Threats: Trends and Take-Aways
There is an opportunity for enterprising cybercriminals enabled by advances in automation and artificial intelligence to use the right tools to severely compromise our digital economy. Security solutions need to be built around integrated security technologies, actionable threat intelligence, and dynamically configurable security fabrics. Security should operate at digital speeds by automating responses as well as applying intelligence and self-learning so that networks can make effective and autonomous decisions. This will not only expand visibility and centralize control, but also enable strategic segmentation in order to drive security deep into the network infrastructure to quickly identify, isolate, and remediate compromised devices and thwart attacks, even across different network ecosystems, from endpoint devices and local network resources to the cloud. In addition, basic security hygiene needs to become part of fundamental security protocols. It is something often overlooked, but crucial to limit the bad consequences we want to avoid.


RECOMMENDED ARTICLE FOR TECHWORLD


 
Industry Leading Technology Partners Join the Fortinet Security Fabric Ecosystem
Techworld Date Posted: 23 November 2017 10:28 AM | 239 Views
Fortinet® (NASDAQ: FTNT), the global leader in high-performance cybersecurity solutions, today announced the addition of 11 industry-leading information technology providers to its Fabric-Ready Partner Program. See More
 
Industry Leading Technology Partners Join the Fortinet Security Fabric Ecosystem
Techworld Date Posted: 10:28 AM | 239 Views
Fortinet® (NASDAQ: FTNT), the global leader in high-performance cybersecurity solutions, today announced the addition of 11 industry-leading information technology providers to its Fabric-Ready Partner ProgramSee More

 
Apacer AH790 Lightning Swivel USB Flash Drive for iPhone/iPad Expanding more External Memory in Your Apple Devices
Techworld Date Posted: 28 September 2017 3:23 PM | 142 Views
Apacer, a mobile storage solution expert, introduces AH790 dual interface swivel flash drive for iOS devices. Aesthetically built with zinc alloy and equipped with USB 3.1 Gen1 Type-A and Lighting connectors, AH790 is the.... See More
 
Apacer AH790 Lightning Swivel USB Flash Drive for iPhone/iPad Expanding more External Memory in Your Apple Devices
Techworld Date Posted: 3:23 PM | 142 Views
Apacer, a mobile storage solution expert, introduces AH790 dual interface swivel flash drive for iOS devices. Aesthetically built with zinc alloy and equipped with USB 3.1 Gen1 Type-A and Lighting connectors, AH790 is the...See More

 
ADATA XPG Announces Partnership with Flash Wolves eSports Organization
Techworld Date Posted: 7 September 2018 4:21 PM | 116 Views
ADATA® Technology, a leading manufacturer of high-performance DRAM modules and NAND Flash products, today announced that is has formed a partnership with one of Taiwan’s biggest names in eSports, the Flash Wolves. This partnership.... See More
 
ADATA XPG Announces Partnership with Flash Wolves eSports Organization
Techworld Date Posted: 4:21 PM | 116 Views
ADATA® Technology, a leading manufacturer of high-performance DRAM modules and NAND Flash products, today announced that is has formed a partnership with one of Taiwan’s biggest names in eSports, the Flash Wolves. This partnership...See More

 
Kaspersky Lab Deploys Industrial CyberSecurity Solutions, Leverages on iTrust Test Bed
Techworld Date Posted: 22 January 2018 3:13 PM | 181 Views
Kaspersky Lab recently announced the deployment of Kaspersky’s Industrial CyberSecurity (KICS) solutions at the Secure Water Treatment (SWaT) test bed of iTrust, a centre for cyber security research of the Singapore University of Technology.... See More
 
Kaspersky Lab Deploys Industrial CyberSecurity Solutions, Leverages on iTrust Test Bed
Techworld Date Posted: 3:13 PM | 181 Views
Kaspersky Lab recently announced the deployment of Kaspersky’s Industrial CyberSecurity (KICS) solutions at the Secure Water Treatment (SWaT) test bed of iTrust, a centre for cyber security research of the Singapore University of Technology...See More

 
Free Tickets or Free Malware: Kaspersky Lab Warns Against Fake Airline Promos Online
Techworld Date Posted: 9 May 2018 5:04 PM | 162 Views
Summer holidays are when most people’s penchant for travel heats up. But it’s also the time when cybercriminals trick those with wanderlust easily so Kaspersky Lab advises Filipinos to be more vigilant against airline.... See More
 
Free Tickets or Free Malware: Kaspersky Lab Warns Against Fake Airline Promos Online
Techworld Date Posted: 5:04 PM | 162 Views
Summer holidays are when most people’s penchant for travel heats up. But it’s also the time when cybercriminals trick those with wanderlust easily so Kaspersky Lab advises Filipinos to be more vigilant against airline...See More


 
Kaspersky Lab Boosts Bug Bounty Program with New Reward of $100,000 – in Frame of its Global Transparency Initiative
Techworld Date Posted: 12 March 2018 10:41 AM | 635 Views
As part of its Global Transparency Initiative, Kaspersky Lab is extending its successful bug bounty program to include rewards of up to $100,000 for the discovery and responsible disclosure of severe vulnerabilities in some.... See More
 
Kaspersky Lab Boosts Bug Bounty Program with New Reward of $100,000 – in Frame of its Global Transparency Initiative
Techworld Date Posted: 10:41 AM | 635 Views
As part of its Global Transparency Initiative, Kaspersky Lab is extending its successful bug bounty program to include rewards of up to $100,000 for the discovery and responsible disclosure of severe vulnerabilities in some...See More

 
Fortinet® Recommended in NSS Labs Data Center Security Gateway Test
Techworld Date Posted: 11 January 2018 9:16 AM | 293 Views
(NASDAQ: FTNT), the global leader in broad, integrated and automated cybersecurity solutions, today announced its results in the inaugural NSS Labs Data Center Security Gateway group test report. The testing revealed that Fortinet®’s FortiGate.... See More
 
Fortinet® Recommended in NSS Labs Data Center Security Gateway Test
Techworld Date Posted: 9:16 AM | 293 Views
(NASDAQ: FTNT), the global leader in broad, integrated and automated cybersecurity solutions, today announced its results in the inaugural NSS Labs Data Center Security Gateway group test report. The testing revealed that Fortinet®’s FortiGate...See More

 
Apacer Launches the AH336 and AC233 in Partnership with P714
Techworld Date Posted: 3 November 2017 10:45 AM | 336 Views
When pursuing a dream, we all need the support and company of friends. Apacer partnered with P714, a Taiwanese illustration brand famous for their heartwarming, adorable designs, in creating 3 special edition flash drives.... See More
 
Apacer Launches the AH336 and AC233 in Partnership with P714
Techworld Date Posted: 10:45 AM | 336 Views
When pursuing a dream, we all need the support and company of friends. Apacer partnered with P714, a Taiwanese illustration brand famous for their heartwarming, adorable designs, in creating 3 special edition flash drives...See More

 
Kaspersky Lab Launches Awards Campaign to Increase Awareness on Internet Safety
Techworld Date Posted: 9 August 2017 1:35 PM | 175 Views
Kaspersky Lab has launched a campaign in Asia Pacific to educate the public and spread awareness on Internet safety. Known as the Goondus Awards, the campaign is inviting submissions from the public on Internet.... See More
 
Kaspersky Lab Launches Awards Campaign to Increase Awareness on Internet Safety
Techworld Date Posted: 1:35 PM | 175 Views
Kaspersky Lab has launched a campaign in Asia Pacific to educate the public and spread awareness on Internet safety. Known as the Goondus Awards, the campaign is inviting submissions from the public on Internet...See More


Power by

Download Free AZ | Free Wordpress Themes