This blog is a summary of an article written by Fortinet’s Derek Manky that appeared on the Dark Reading website on April 16, 2019, entitled “New Attacks (and Old Attacks Made New).”
Although cybercriminals depend on innovation to stay ahead of security safeguards, they still need to keep costs under control while maximizing ROI. As a result, genuinely new attacks are not only rare, they are vastly outnumbered by reconfigured malware and old attacks resurrected in a new wrapper.
Fortinet's Global Threat Landscape Report for Q4 of 2018 again bore this out, showing that the use of existing malware or the misuse of FOSS (free/open source software) security tools to target organizations grew by 10% over the quarter. At the same time, unique exploits only increased by 5%. The report also highlighted four additional scenarios that should be considered.
“Gaining access to IoT IP cameras could allow cybercriminals to snoop on private interactions or enact malicious on-site activities (like shutting off cameras to make it easier to physically access a restricted area). They could also use those cameras as a launching pad to break into the network to start distributed denial-of-service attacks, steal proprietary information, initiate a ransomware attack, and more. Even more concerning, as cybersecurity and physical security continue to merge, compromised IoT security devices can become a conduit to more critical systems such as alarms and fire suppression systems.” —“New Attacks (and Old Attacks Made New)”, Dark Reading, 16 April, 2019
The kind of attack an organization needs to defend against is generally less important than the attack strategy and attack vectors being exploited. Defenses need to evolve to address these new attack strategies, including things like network access control combined with advanced intent-based segmentation. Going forward, organizations will need to include things like artificial intelligence (AI) and machine learning (ML) to combat new, machine-generated attacks, even when their payloads are relics.
The challenge will be threefold. First, attacks will be faster than ever, especially as networks adopt things like 5G connections. Second, like network devices, attacks will be interconnected, allowing them to perform coordinated attacks targeting multiple vectors simultaneously. And third, attack scenarios will become more complex as criminal actors adopt new strategies to accelerate and automate attacks while evading detection.
Countering such attacks requires transparent visibility across the entire potential attack surface, including social media and mobile devices, and strong, centralized control for a comprehensive and unified defense strategy. When combined with real-time threat intelligence feeds, a unified security fabric strategy enables organizations to spot and defeat the flood of new attacks and attack strategies they continually face.
This blog is a summary of content that originally appeared on Dark Reading. To read the entire article, go to “New Attacks (and Old Attacks Made New)” posted on their website.