Over the past few years, the traditional network perimeter has been replaced with multiple edge environments, WAN, multi-cloud, data center, remote worker, IoT, and more, each with its unique risks. One of the most significant advantages to cybercriminals in all of this is that while all of these edges are interconnected many organizations have sacrificed centralized visibility and unified control in favor of performance and digital transformation. As a result, cyber adversaries are looking to evolve their attacks by targeting these environments and will look to harness the speed and scale possibilities 5G will enable.
Trojans Evolve To Target the Edge: While end-users and their home resources are already targets for cybercriminals, sophisticated attackers will use these as a springboard into other things going forward. Corporate network attacks launched from a remote worker’s home network, especially when usage trends are clearly understood, can be carefully coordinated so they do not raise suspicions. Eventually, advanced malware could also discover even more valuable data and trends using new EATs (Edge Access Trojans) and perform invasive activities such as intercept requests off the local network to compromise additional systems or inject additional attack commands.
Edge-enabled Swarm Attacks: Compromising and leveraging new 5G-enabled devices will open up opportunities for more advanced threats. There is progress being made by cybercriminals toward developing and deploying swarm-based attacks. These attacks leverage hijacked devices divided into subgroups, each with specialized skills. They target networks or devices as an integrated system and share intelligence in realtime to refine their attack as it is happening. Swarm technologies require large amounts of processing power to enable individual swarmbots and to efficiently share information in a bot swarm. This enables them to rapidly discover, share, and correlate vulnerabilities, and then shift their attack methods to better exploit what they discover.
Social Engineering Could Get Smarter: Smart devices or other home-based systems that interact with users, will no longer simply be targets for attacks, but will also be conduits for deeper attacks. Leveraging important contextual information about users including daily routines, habits, or financial information could make social engineering-based attacks more successful. Smarter attacks could lead to much more than turning off security systems, disabling cameras, or hijacking smart appliances, it could enable the ransoming and extortion of additional data or stealth credential attacks.
Ransoming OT Edges Could Be a New Reality: Ransomware continues to evolve, and as IT systems increasingly converge with operational technology (OT) systems, particularly critical infrastructure, there will be even more data, devices, and unfortunately, lives at risk. Extortion, defamation, and defacement are all tools of the ransomware trade already. Going forward,human lives will be at risk when field devices and sensors at the OT edge, which include critical infrastructures, increasingly become targets of cybercriminals in the field.
Other types of attacks thattarget developments in computing performance and innovation in connectivity specifically for cybercriminal gainare also on the horizon. These attacks will enable adversaries to cover new territory and will challenge defenders to get ahead of the cybercriminal curve.
Michael Joseph, Director System Engineering, India & SAARC, Fortinet, said, “2020 demonstrated the ability of cyber adversaries to leveragedramatic changes happening in our daily lives as newopportunites for attacks at an unprecedented scale. Going into 2021 and beyond, we face another significant shift with the rise of new intelligent edges, which is about more than just end-users and devices remotely connecting to the network. Targeting these emerging edges will not only create new attack vectors, but groups of compromised devices could work in concert to target victims at 5G speeds. To get out ahead of this coming reality, all edges must be part of a larger, integrated,and automated security fabric platform that operates across the core network, multi-cloud environments, branch offices, and remote workers.”