2018 is not yet finished, but Fortinet’s security experts are already presenting the trends that will dominate security in 2019. Attacks are becoming increasingly sophisticated, so artificial intelligence (AI), Swarms-as-as-Service and Machine Learning Poisoning, among others, will be very important next year.
In their predictions, the security experts state that criminals are increasingly weighing up the costs of carrying out attacks. Do the costs outweigh the benefits? As a result, they are increasingly using new and technically more advanced attack techniques that are easy to automate without too much human intervention. Artificial intelligence, machine learning and other automation technology often come into play.
Key trends for 2019
Fortinet’s specialists see the so-called Artificial Intelligence Fuzzing (AIF) as an important trend. Fuzzing is an advanced technique for finding vulnerabilities in hardware, software interfaces and applications by injecting invalid, unexpected or seemingly random data into systems. It examines the resulting events, such as crashes, switching to debugging routines, unsuccessful assertions and potential memory leaks.
The combination of artificial intelligence, such as machine learning, with fuzzing can help cybercriminals discover unknown vulnerabilities more quickly and thus lead to more so-called zero day attacks. In addition, it allows them to develop a simple earning model by offering Zero-day-mining-as-a-Service.
Another trend is the emergence of Swarm-as-a-Service services. Currently, cybercriminals are making significant progress in developing attacks based on swarm technology. According to the experts, the arrival of botnets or hivenets based on swarms is therefore only a matter of time. Cybercriminals are going to create large swarms of intelligent bots that can function both independently and in groups.
These swarming networks raise the bar considerably for the security technologies that organisations use. Moreover, this technology, like zero-day mining, is interesting for the revenue model of cyber criminals. Cybercriminals can pre-program swarms with a variety of analysis tools and exploits and self-learning protocols that allow them to collaborate in groups to refine their attack techniques. Buying cyber-attacks will be just as easy as pointing out dishes on a menu, according to Fortinet.
Machine learning poisoning
The experts also see the rise of Machine Learning Poisoning. Machine learning is one of the most promising weapons of security experts, but it is also used by criminals. By sabotaging the machine learning process, they can teach devices or systems not to install patches, to ignore specific applications or behavioral patterns, and to not log certain data traffic, thus preventing detection. This will have far-reaching consequences for the further development of artificial intelligence and machine learning, according to Fortinet.
Measures to be taken
The experts at Fortinet therefore call on companies and security experts to prepare themselves well. For example, companies and other organisations need to add more advanced deception techniques, such as honeypots, to their security strategies.
In addition, they call for more open cooperation between organisations involved in cyber threat research, industry associations, security suppliers and law enforcement agencies. This can significantly reduce the detection time for new threats, according to the experts.This news article was automatically translated from Dutch to give Techzine.eu a head start. All news articles after September 1, 2019 are written in native English and NOT translated. All our background stories are written in native English as well. For more information read our launch article.