Intelligent CISO Issue 1 - Page 74

by 2020, with a compound annual growth rate (CAGR) of 19%. In addition, successfully taking down a cloud provider is a one-to-many opportunity. The complex, hyperconnected networks that cloud providers have developed can produce a single point of failure for dozens or even hundreds of businesses.”

Further, it warns: “Cloud services are centralised and present a huge potential attack surface. Rather than hacking businesses individually, criminals that can infiltrate a single cloud environment would potentially have access to data from dozens or hundreds of organisations or be able to wipe out an entire range of services with a single attack.

“And it’s not just businesses that would be affected. Government entities, critical infrastructure, law enforcement, healthcare and a wide range of industries of all sizes all use the cloud and many of them use the same cloud provider. If a cyberterrorist can take down a single major cloud service provider, the implications could be devastating.”

Next-gen morphic malware

The blog also predicts that adversaries will begin to leverage automation and machine learning in their attack tactics, techniques and procedures (TTP).

“Current polymorphic malware, for example, has been around for decades. It already uses pre-coded algorithms to take on a new form to evade security controls and can produce more than a million virus variations per day. But so far, this process is just based on an algorithm, and there is very little sophistication or control over the output.”

It continues: “Next-gen polymorphic malware built around AI, however, will be able to spontaneously create entirely new, customised attacks that will not simply be variations based on a static algorithm. Instead, they will employ automation and machine learning to design custom attacks to quickly compromise a targeted system and effectively evade detection. The big difference is the combination of discipline and initiative.”

Critical infrastructure to the forefront

“Most critical infrastructure and OT networks are notoriously fragile and originally designed to be air-gapped and isolated,” notes the blog. “But the need to respond at digital speeds to employee and consumer demands has begun to change that, making everything exposed (look at cloud-enabled SCADA services.) Applying security as an afterthought once a network designed to operate in isolation is connected to the digital world is rarely very effective. Because of the high value of these networks and the potential for devastating results should they be compromised or knocked offline, critical infrastructure and healthcare providers are now finding themselves in an arms race with cybercrime organisations.