Fortinet (NASDAQ: FTNT), a global leader in comprehensive, integrated and automated cyber security solutions, has unveiled the cyber threat predictions of FortiGuard Labs, the company's global research and intelligence body, for 2022 and beyond. The predictions cover the new areas that cybercriminals can take advantage of throughout the attack surface, especially as the work-from-anywhere trend continues, what to expect from cybercriminals in the near future, and the recommendations that will help defend against the attacks.
Increasing intelligence gathering techniques to maximize attacks
Attacks are often discussed in terms of left-hand and right-hand threats when viewed through an attack chain such as MITRE's ATT&CK framework. On the left side of the attack chain are the pre-attack stages, which include planning, development and weaponization strategies, while on the right side is the execution phase of the attack. FortiGuard Labs researchers predict that cybercriminals will devote more time and effort to gathering intelligence and discovering zero-day capabilities in order to take advantage of new technologies and ensure that their attacks are more successful. The rate at which new attacks can be carried out on the right side is also expected to increase, due to the expansion of the crime-as-a-service market.
Ransomware attacks will become more destructive: crimeware will continue to expand, and ransomware attacks will remain the focus of activity in the future as well. Attackers launching ransomware attacks are already combining them with distributed denial of service (DDoS) attacks in the hope of overwhelming IT teams so that they cannot take last-minute actions to minimize the damage caused by the attack. Adding wiper software as a ticking time bomb, which can destroy not only data but also systems and hardware, creates further urgency for companies to pay the ransom quickly. Attacks using such malicious software have already returned to the spotlight, when one was discovered at the Tokyo Olympics. Given the level of convergence seen between cybercriminals' attack methods and advanced persistent threats (APTs), it is only a matter of time before destructive capabilities such as wiper malware are added to the ransomware toolbox. These attacks could be of concern for emerging edge environments, critical infrastructure and supply chains.
Cybercriminals use artificial intelligence to master deepfakes: Artificial intelligence is already being used for defense in many ways, such as detecting abnormal behavior that may indicate an attack, most often by botnets. It is important to understand that cybercriminals also leverage artificial intelligence to thwart the algorithms used to detect their abnormal activity. In the near future, the field will evolve and deepfakes will become a topic of concern, as they use artificial intelligence to mimic human activities and, among other things, enhance social engineering attacks. The threshold for creating deepfakes will also be lowered by the ongoing commercialization of advanced applications. In the end, these can lead to real-time impersonation over voice and video applications that can pass biometric analysis, which poses challenges for secure authentication methods such as voice or face recognition.
Increasing attacks on supply chain systems that have not been a target so far: Linux-based systems run many of the back-end computing systems on many networks, and until recently Linux was not a major target for the cybercrime community. Recently, however, new malicious binaries have been identified that focus on WSL (Windows Subsystem for Linux), a compatibility layer for running native Linux binaries on Windows 10, Windows 11 and Windows Server 2019. In addition, botnet malware is already being written for Linux platforms, which expands the attack surface to the core of the network and increases the threats to be defended against. This threat will affect operational technology (OT) devices and supply chains operating on Linux platforms.
Cybercriminals focus on everything – your wallet, home and even space
The future challenge facing defenders goes far beyond the growing number of attacks or the advanced methods of cybercriminals. Attackers are exploring new areas that they can take advantage of, spread over an even wider attack surface. This is a particularly difficult challenge because, at the same time, organizations around the world continue to expand their networks with new network edges driven by work from anywhere (WFA), distance learning and new cloud services. Similarly, at home, online learning and gaming have recently become routine activities. The rise in fast connectivity, everywhere and all the time, presents enormous attack opportunities for cybercriminals. Hostile actors will shift significant resources to target and take advantage of the new edges that are emerging and the environments being created everywhere along the expanding network, and will not settle for just the core of the network.
Cybercrime focuses on space: FortiGuard Labs researchers expect to see new proof-of-concept (POC) threats targeting satellite networks over the coming year, due to the increase in satellite-based Internet access. The main targets will be organizations that rely on satellite-based connectivity to support low-latency activities, such as online gaming or the provision of critical services to remote locations, as well as remote field offices, pipelines, ships and airlines. This means an expansion of the potential attack surface as organizations add satellite networks to connect systems that were previously off-grid, such as remote OT devices, to their connected networks. As this continues to happen, the likelihood of various attacks, such as ransomware attacks, increases.