This blog is a summary of an article written by Fortinet’s Derek Manky that appeared on the ThreatPost website on January 31, 2019.
The digital world has created unprecedented opportunities – both for good and for ill. Advances in swarm technology, for example, have powerful implications in the fields of medicine, transportation, engineering, and automated problem solving. However, if used maliciously, it may also be a game changer for the bad guys if organizations don’t update their security strategies.
For example, a new methodology reproduces natural swarm behaviors to control clusters of nano-robots, which can then be directed to perform precise structural changes with a high degree of reconfigurability, such as extending, shrinking, splitting, and merging. Swarm clusters can further be specialized to perform specific subtasks within the context of a larger swarm, allowing them to address more complex environments and solve more complicated problems more efficiently.
From a security perspective, the misuse of this technology could result in swarms of intelligent bots—swarmbots—that can operate collaboratively and autonomously. These swarms would be able to work collectively to solve problems, such as launching a self-learning, multi-vector attack against a network. Such an attack could also include AIF (artificial intelligence fuzzing) to “discover and exploit zero-day vulnerabilities in hardware and software interfaces and applications—and machine learning poisoning: training automated security devices to intentionally overlook certain threats.”
Choose your Weapons
Because swarm clusters with specific specializations could be joined together as part of a more complex swarm, online a al carte options in an attack-for-hire scenario could allow criminal consumers to preselect different swarm options for a custom attack. Optimized components could include swarms that:
- use machine learning to learn about a device or network in order to break in
- perform AI fuzzing to detect Zero-Day exploits
- move laterally across a network to expand the attack surface
- evade detection
Defending Against the Swarm
Of course, this raises the bar in terms of the technologies needed to defend an organization. To address this challenge:
“…security needs to be woven into workflows and network and application development strategies tied to specific business outcomes from the outset. In today’s digital marketplace, ensuring a proactively secured business or service is the linchpin to establishing digital trust and creating value.”
Addressing the new reality that threat advances like swarms represent requires organizations to do five things:
- Deploy security broadly and consistently across all ecosystems to establish a single point of visibility.
- Deeply integrate security to better correlate data and anticipate known and unknown threats.
- Automate security across devices and applications to eliminate human error.
- Accelerate performance to respond to threats at machine speeds.
- Use threat intelligence and advanced techniques like deception to anticipate threats and shut them down before they start.
Organizations need to begin now to defend themselves against the next generation of bad actors and advanced threats, while capturing the business advantages that comes to those who don’t wait for someone else to innovate.
You can click here to read the entire article, entitled “Prepare to Defend Your Network Against Swarm-as-a-Service,” posted on the ThreatPost website.
*** This is a Security Bloggers Network syndicated blog from Fortinet All Blogs authored by Fortinet All Blogs. Read the original post at: http://feedproxy.google.com/~r/fortinet/blogs/~3/Ozcwf_U-CyI/getting-ready-for-swarm-as-a-service.html