More and more Application Layer Firewalls show up, and zero-day exploit detections becomes, even as it is an expensive toy, a new standard for the bigger corporations. Also, the internal zone as a potential threat area is no longer a sacrosanct. The fact is that a clear front line no longer exists, it has moved in the form of isolated skirmishes into the company. Malware now leaves more and more active, undiscovered elements inside the companies to spy or manipulate data, with the ability to disguise itself or to be inactive for a long time. We expect for the near future more attacks affecting the Internet of Things (IoT) or use artificial intelligence (AI). APTs using machine learning technology have already been spotted.
Creating Something New
Today's professional attacks move away from mere data theft to targets that promise far greater profits - the manipulation of data integrity. In times of data lakes, in which mission-critical data are stored in a single logical environment only rudimentarily protected, this is consequent. The problem is that the data does not even have to be business-critical. If research data, eg. measurements, are manipulated unnoticed, the experiment will fail or incorrect conclusions will be drawn. This can cost millions, can cause setbacks for years or play in the hands of competitors. Even worse is the manipulation of automation data - the whole production can be at risk. The gap between defender and attacker gets bigger. The knowledge advantage of the attackers is constantly increasing and they are now tightly structured worldwide - managed and financed by criminal organizations or rogue nations.
Future Threats
This chapter is based on informations from a study of ISF (Threat Horizon 2020) and our own geopolitical risk research. The ISF study "Threat Horizon for 2020" reveals a dark future for our cyber world. IoT is leaking informations, opaque algorithm compromise integrity and rogue governments use terrorist groups to launch cyber attacks - just to name a few of the potential threats for 2018.
Innovative attackers, not only state sponsored
Regulation craze and national protectionism are a risk for the clouds-services and cross-border data transfer, and Privacy regulations impede the monitoring of not only insider threats. China's new cybersecurity law unsettles foreign companies in the mainland. Open questions such as the location of data storage or the use of VPN services are just the tip of the iceberg. The new European data protection law (GDPR) not only causes uncertanty in Europe - so various US services have been blocked for Europeans, because of the unclear legal situation - at least temporarily. The ISF Study shows great concern regarding Ransomware attacks against the IoT, and sees integrity of information at risk. Automated misinformation will push the fake news discussion to a new level. So called "blended attacks" (BA) are on the rise. These attacks, formerly only discussed in military circles, combine cyber and physical attacks together. Conclusion: Protecting critical information resources and systems with existing solutions will prove inadequate. Innovative and professional attackers, including national states, terrorist groups and organized criminals, will threaten even the strongest player.