Cybercriminals - Afrikan Heroes

Using AI to Beat Cybercriminals at Their Own Game

July 28, 2021

By Derek Manky

Artificial intelligence (AI) technology is a powerful technology, and because of this, it holds great potential for exploitation by cybercriminals. Considering this, the only way that security leaders can stay ahead of bad actors is by gaining a true understanding of how this technology can be weaponized. Then, they can begin to develop effective strategies for confronting AI threats head-on.

Malicious Uses of AI Technology

As AI grows in adoption and sophistication, cybercriminals are looking for ways to seize upon its potential. The Electronic Frontier Foundation was already warning about potential malicious uses of AI back in 2018, including threats to digital, physical, and political security. And now, AI precursors combined with swarm technology can be used to infiltrate a network and steal data.

Hacking into a network used to take months. But with AI and machine learning (ML) technologies on their side, cybercriminals can see this time span reduced to a matter of days. As more AI-enhanced attacks are orchestrated, the techniques used in these events become increasingly available and inexpensive for more and more cybercriminals.

Automated and scripted techniques can also exponentially increase the speed and scale of a cyberattack. The ability to automate the entire process of mapping networks, discovering targets, finding vulnerabilities, and launching a custom attack significantly increases the volume of attacks even a single bad actor can pull off.

Complex Networks Often Lack a Cohesive Security Strategy

Often, network security architectures are not designed to stand up to these types of attacks. For example, it’s not uncommon for an organisation to use 30 or more security-related point products within their environments. With such a setup, getting a big picture view of the organisation’s security architecture requires manual consolidation of data across the different applications.

This also leaves such organisations unable to quickly launch an effective coordinated response to a network-wide attack. And as cybercriminals continue to minimise their exploit times, IT security teams are left struggling to detect attacks at the same speed.

In fact, the 2020 Ponemon Cost of a Data Breach Report notes that the average breach detection gap (BDG), which is the time between the initial breach of a network and its discovery, is 280 days.

The report also found that the average cost of a data breach in the United States is $8.64-million, 124% higher than the global average ($3.86-million).

Considering this, it is more crucial than ever those organisations adopt new strategies to make sure their networks can function as cohesively as possible.

AI Technology to Address the Cybersecurity Skills Gaps

A skills gap exists in the cybersecurity sector, with security leaders often struggling to bring qualified staff on board. AI-driven security experts, in particular, are even harder to come by.

This is especially dangerous when considering the fact that as AI continues to evolve, so too will the malicious uses of this technology.

Organisations are now facing attacks that leverage self-learning technologies that can quickly find vulnerabilities, select or adapt malware, and actively fight off the security efforts that have been put in place to stop them

And when using AI alongside emerging attack methods (i.e., swarmbots), bad actors will gain the ability to break down an attack into its functional elements. These elements can then be assigned to various members of a swarm to enable interactive communications to accelerate the speed of an attack.

When working to defend against these AI-enhanced attack strategies, security teams must embrace a “fighting fire with fire” approach.

By understanding how cybercriminals find their success and taking a few pages from their playbooks, security leaders can redesign their strategies in order to level the playing field.

Importance of AI-driven Technology in Cybersecurity

While AI technology can do amazing things, it can have both positive and negative implications. Cybersecurity professionals must confidently employ that same advanced technology in counter-measures to protect networks from bad actors exploiting increasingly-advanced technology.

A security strategy that uses AI-enhanced technologies is vital in defending against cybercriminals, especially as networks and the attacks against them grow more complex and sophisticated.

Derek Manky is Chief, Security Insights & Global Threat Alliances at Fortinet’s FortiGuard Labs.

Kelechi Deca

Kelechi Deca has over two decades of media experience, he has traveled to over 77 countries reporting on multilateral development institutions, international business, trade, travels, culture, and diplomacy. He is also a petrol head with in-depth knowledge of automobiles and the auto industry

Hacking The Mind of Cybercriminals – How Threat Actors Think

June 28, 2021

The rise of cybersecurity challenges as a result of the activities of cybercriminals has necessitated the call for more online surveillance. Cybercriminals come in many different flavours, but the majority of them are in it for one thing: financial pay-off. They want the money that comes with offering their tools or services, selling stolen data, extortion like ransomware or plain fraud. And they all have one thing in common – your organisation is on their radar.

Anna Collard, SVP Content Strategy and Evangelist at KnowBe4 Africa

This is why it is critical to understand how cyber criminals operate, the tools they use and the approaches they take to embed robust security within the organization, says Anna Collard, SVP Content Strategy and Evangelist at KnowBe4 Africa.

“With ransomware going rampant and victim organisations paying up to millions of U.S. dollars to the extortionists, this problem is just going to get worse. The U.S. government recently announced that ransomware is a national cybersecurity challenge and that there will be serious implications for anyone attacking the United States or their critical infrastructure.

This may lead more criminals to shift their attention towards the emerging economies like Africa, where we do not have the government’s support or capacities to stop and prosecute cybercriminals, making it a safer place to operate,” says Collard.

People Hacking

Social engineering or people hacking are a popular way to distribute ransomware – predominately by tricking people into falling for their phishing scams.

“Another technique to be aware of is password spraying,” she explains.

“This is when the bad actor selects a common password, like the organisation’s name, followed by the year, and tries it against every user in the organisation. They scrape names of employees from LinkedIn and then using this information; try the possible password against the list of names. Then it keeps on cycling until it hits a winning entry. This is a solid case for ensuring that every single employee uses proper passwords or a password manager and multi-factor authentication where possible.

“This level of attack really underscores how important it is to undertake consistent employee training and security skills development,” says Collard.

“No matter how secure your perimeter, no matter how much money is spent on high-end security systems, one poor password can open the doors to the threat actors.”

Multi-Factor Authentication and Security Education – Keys for Online Safety

Multi-factor authentication and robust training are not just invaluable for employees in the office, they are even more critical today as people work from home and multiple locations – particularly as employees migrate to coffee shops for power and Wi-Fi during load-shedding. Public Wi-Fi is wide open and home networks with poor passwords or out of date software are open doors.

“It is also really important to make sure that employees use a VPN, although that is also not a guaranteed protection,” says Collard as a recent report by the Orange Cyber Defense team explained.

“With home routers being vulnerable due to people not configuring them correctly or updating them, it might be worthwhile sending pre-configured routers and firewalls to employees’ homes, especially for those who access highly confidential information.”

Another challenge for the organisation is keeping up with vulnerabilities and patch management, which is a complicated task in bigger environments.

“Leading hackers and experts like Kevin Mitnick are drawing lines under the importance of putting people’s understanding of these threats at the forefront,” says Collard.

“Make sure that passwords are secure, that they are not stored in diaries or on open platforms like Slack or Google Hangouts, that they understand how to identify social engineering attacks and keep security hygiene at the forefront of all communication. People need to know what is out there, and that they have the skills to play an important role in protecting themselves and the organisation.”

It’s the Small Mistakes that Cost the Most

Today, the threat actors are organised and well paid. They benefit immensely from their pursuit of vulnerabilities, simple mistakes and human error. Organisations have to sit on the sharp end of the security stick with robust monitoring and detection systems, clear policies, consistent training and security boundaries.