Fortinet’s New Threat Predictions For 2020

Fortinet’s New Threat Predictions For 2020

Spotlight

In COVID-Free Town, Learning Goes On Under The Trees, In Open Spaces

The town of Paglat, which hasn’t had a single case of COVID-19 since the pandemic, is among the few places in the Philippines where learners cope with school work through in-person tutorials.

Add To Cart: Synergeia Launches Online Store In Aid Of Parents

As part of their efforts to help boost income of parents amid the COVID-19 pandemic, Synergeia Foundation has launched an online store where parents can sell anything.

Filipino PR Executive Wins People Of The Year 2020 In Beijing

PAGEONE Group CEO Ron F. Jabal was recognized as People of the Year 2020 in the Golden Flag Awards — one of most prominent PR awards in China!

Children Still Survive In Makeshift Homes And Miss Out On Learning After Typhoon Rolly

"Our house was destroyed because we are poor," said nine-year-old Maria who was among the thousands of children left homeless when Super Typhoon Rolly made landfall in Albay.

Every year at this time I gather together my latest research in cybercrime trends, threat research, and technology development and pull together a white paper that projects what the cybersecurity landscape will look like, both near term as well as out into the future. I think this exercise is essential because much of the success of the cybercriminal community has been due to their ability to successfully predict and exploit networking and technology decisions made by their targeted victims.

Cybercriminals use a multi-pronged approach for their attack strategies. The most commonly understood is the development of increasingly sophisticated attack methodologies. For example, we have seen a rise in the use of Advanced Evasion Techniques (AETs) designed to prevent detection, disable security functions and devices, and operate under the radar.

However, two additional strategies are worth noting. First, like any enterprise, they don’t spend money when they don’t have to. The latest Threat Landscape Report from Fortinet, for example, shows that cybercriminals were more likely to target vulnerabilities from 2007 than they were from 2018/2019 – and the same holds true for every year in between. There is no reason to develop a new malware tool when organizations seem all too willing to leave the front door unlocked.

The other strategy is to target as many attack vectors as possible. For example, in this same report, criminals are increasingly targeting publicly facing edge services, perhaps in response to organizations over-rotating on training personnel and upgrading their email security gateways to combat phishing. Different attack vector, same outcome.

Interestingly, this same strategy undergirds the power of swarm-based attacks, a developing attack strategy I have been talking about for some time. Intelligent swarms of customizable bots, grouped by specific attack function and that can share and learn from each other in real time, could potentially target a network and, by attacking it on all fronts simultaneously, simply overwhelm the network’s ability to defend itself.

Who Has the Upper Hand?

These trends are important to understand because in the cyber arms race, the criminal community has often had a distinct advantage. And given the continued reliance on traditional point products and stovepiped security strategies used by many organizations, that looks likely to continue for some time – unless organizations make a complete paradigm shift as to how they think about and deploy security.

So far, however, some organizations continue to use the same failed strategies to secure new networked environments, such as isolating cloud instances with separate security tools – a strategy that adds additional complexity to already overburdened IT staff, while simultaneously reducing the visibility and control needed to identify and stop multi-vector attacks designed to exploit this specific vulnerability.

The adoption of 5G, however, may end up being the catalyst for a radical paradigm shift in security because it will be the perfect incubator for the development of functional swarm-based attacks. Because 5G-enabled edge networks will be able to create local, ad hoc networks on the fly that can quickly share and process information and applications, groups of compromised devices could work in concert to target victims at 5G speeds. Given the intelligence, speed, and localized nature of such an attack, few current security technologies would be able to effectively fight off such a persistent strategy.

We Can Turn the Tables with AI

To get out ahead of this cycle, organizations need to begin to use the same sorts of technologies and strategies to defend their networks that criminals are using to compromise them. That means adopting an intelligently integrated approach that leverages the power and resources of today’s enterprise.

AI represents one of our best hopes for being able to get out in front of this issue. The goal is to develop an adaptive immune system for the network similar to the one in the human body. In the body, white blood cells come to the rescue when a problem is detected, acting autonomously to fight infection, while sending information back to the brain for more processing ­– like marshalling additional resources or remembering to take an antibiotic.

As AI progresses from its current form, where it is used primarily to sift through mountains of data to solve a problem, it will be able to function more like a human immune system or neural network. AI will rely on interconnected, regionally deployed learner nodes to collect local data and then share, correlate, and analyze that intelligence in a distributed manner.

Interesting Developments Ahead

This article only touches on a few of the ideas, there are a number of interesting trends that business executives and IT teams alike should be familiar with. They include:

• Combining machine learning with statistical analysis to Predict Attacks by uncovering the underlying attack patterns of cybercriminals, thereby enabling an AI system to predict an attacker’s next move, forecast where the next attack is likely to occur, and even determine which threat actors are the most likely culprits.

• A deep look at how Deception Technologies can be used to create a virtually insurmountable layer of defense around your network, regardless of how far it has been distributed.

• Recent developments in Law Enforcement that will enable them get out ahead of cybercrime.

• And the rise of New Zero-Day Exploits that, when combined with AI-enabled systems, will enable cybercriminals to strike in ways and places that many organizations are simply unprepared to defend.

Start with an Integrated Strategy

These trends only further underscore the need to take a new approach to security, designed around the principles of integrated solutions, advanced AI and machine learning, and related techniques. Interconnectivity between machine learning systems will be especially critical so that localized machine learning nodes can adapt to a local environment’s unique configuration.

By shifting responsibilities to autonomous self-learning processes that function similarly to human autoimmune systems – such as hunting for, detecting, and responding to security events – valuable cybersecurity professionals will have the time and resources to adopt advanced security-driven network strategies designed for today’s continually evolving networks.

Ilocos Norte Bans Mass Gatherings

As of December 1, Ilocos Norte has recorded a total of 379 cases with 181 recoveries and two deaths.

JTF Covid Shield Eyes Stricter Protocols This Yuletide Season

Amid the anticipated influx of shoppers this holiday season, Interior Secretary Eduardo Año says they will be stricter in enforcing health protocols to prevent the spread of COVID-19.

Gatchalian Mulls Law On Providing Laptop, Connectivity For Every Public School Learner

Senator Win Gatchalian eyes introducing legislation that will give every public school learner a laptop and access to the internet.

Cebu City To Allow Misa De Gallo In Churches, Not In Malls

Aside from the strict observation of quarantine protocols, churches must also observe the 50% capacity limit.

Children Still Survive In Makeshift Homes And Miss Out On Learning After Typhoon Rolly

"Our house was destroyed because we are poor," said nine-year-old Maria who was among the thousands of children left homeless when Super Typhoon Rolly made landfall in Albay.

GSIS To Release Php3.3B In Christmas Cash Gift To Pensioners Starting Dec 1

Good news! GSIS announced that it will start to release a total of Php3.3 billion in Christmas cash gift to a total of 330,496 old-age and disability pensioners starting December 1.

BDO Waives Overseas Remittance Fee For Donations To Typhoon Victims

To help its fellow kababayans hit by the successive typhoons, BDO is waiving the remittance fee on donations from overseas Filipinos coursed through different foundations.

Leyte Seeks Month-Long Ban For Returning Residents

According to Leyte Vice Governor Carlo Loreto, the temporary suspension is based on the request of mayors to ban the acceptance of returning residents from Dec. 1 to 31.

Bong Revilla’s Appearance In GMA’s Station ID Draws Flak

A netizen reacted and said, “Jusko po (face palm emoji) my reaction when I saw Bong Revilla on GMA Christmas Station ID (clown emoji).”

Grab Leads Wide Celebration And Appreciation For Filipino Drivers And Delivery Riders

To show appreciation for all modern-day heroes, Grab brought together the Filipino community in celebration of the Araw ng Tagapaghatid last November 29, 2020.