It’s no secret that cyber-attacks are becoming more automated and intelligent by the day. With the help of AI and machine learning (ML), hackers are able to act faster and more efficiently than ever.
But what is this new wave of automated attack? Let’s take a look at four examples of how automation is transforming the cyber-landscape.
Much to the security professional’s dismay, many of us are guilty of using the same password, or a variation of one password, for all our accounts. So, when a database is breached and its content sold on the dark web, your one password and email combination is easy pickings for hackers to infiltrate all your other accounts.
In credential stuffing, hackers use these stolen passwords and credentials to try and hijack accounts or entire networks. This can lead to fraud, network downtime and system remediation.
Often the use of botnets is involved for automated credential stuffing. Hackers are now also leveraging ML and AI to predict a user’s password based on their other passwords. This is of particular concern, as it may lead to a future where if your password is leaked, all of your accounts will be vulnerable for as long as you have even vaguely similar passwords.
Credential stuffing is primarily used to target businesses in the financial and retail sectors. Like HSBC’s reported data breach which affected some of their customers’ sensitive information, such as account numbers, account balance, transaction history, contact details, and personal information.
‘Good’ bots, like those used for live chat, automation of workflows and promotion of content have become popular within many modern day businesses. But also with some cybercriminals.
Threat actors are now utilising bots for malicious purposes such as account creation, denial of inventory and account takeover.
Bots can also deliver brute-force attacks, create multiple fake accounts to spread online propaganda or carry out review bombing on eCommerce sites – an attack whereby attackers threaten to ruin a company’s reputation by posting damaging reviews online unless a ransom is paid.
Cybercriminals are also targeting chatbots and planting malware within them to steal critical information. Developing specialised chatbots with the sole purpose of retrieving sensitive information from users is a growing trend. Such tech includes SPAM and SPIM bots, fraud bots, malicious file-sharing bots and malicious chatterbots.
In 2018, cybercriminals built 856 million pieces of malware and research predicts that this number will rise in 2019.
Automation is enabling this accelerated development and launch of malware. Machine learning is also helping to create advanced malware strains, which are undetected by cybersecurity systems, to find security loopholes and launch automated cyber-attacks in the most effective way. These new strains can stay in the network for months to find the information the hackers want.
Machine learning-based malware can also target specific people in an organisation, or specific demographics of people using face, voice or geolocation detection – which brings us onto spear-phishing.
Spear phishing targets specific individuals by researching them online to customise communications, then uses this insight to get through a company’s defences. According to Symantec’s 2018 Internet Security Threat Report, spear-phishing was last year’s most widely employed infection strategy, used by 71% of cybercriminal groups.
Thanks to automation, criminals can now use natural language processing to train their ML systems, using a large volume of publicly available data from various sources for developing convincing emails and decreasing workload required for executing spear phishing attacks.
This means hackers are developing and launching automated spear phishing attacks which are more convincing than their predecessors, making it more important to be vigilant when it comes to this types of scam.
Automation is having an unprecedented effect on the world of cybercrime, making it easier and more cost-effective for cybercriminals to carry out attacks. However, cybersecurity methods are also adopting automation and machine learning technologies, so the battle for cyber-world domination isn’t over and won just yet.
UKFast’s Threat Monitoring detects all activity across your solution, providing you with an overview of any threats and vulnerabilities that put your business at risk.
Speak to our experts now on 0800 231 5917 or request a callback.