Intelligent orchestration is the new one-up game in the ongoing battle against AI-armed threats
The dark web is getting craftier, foxier, and nastier. Threat actors are launching more targeted cyber attacks rather than relying on mass-oriented tactics. The impact: these attacks do not attract much media attention, so awareness of those threats also takes longer to develop. This gives attackers a longer window for perpetrating more attacks on other potential targets.
This may be seen as a tactical shift from 2017 when the crippling WannaCry ransomware took the world by surprise and instantly made it to the headlines.
While email continues to be a favorite channel for attackers, various social media platforms have opened up new avenues. The use of multiple devices and numerous wireless networks, including Wi-Fi hotspots, opens up new entry points for cyber criminals.
Attacks are getting sophisticated
Threat actors have been using modern digital technologies such as advanced analytics to track users and their browsing habits and patterns for quite some time. This enables them to identify potential targets and their vulnerabilities in a well-structured manner. They then make use of technologies such as artificial intelligence (AI) to add new teeth to social engineering methods. With the use of AI, an email with malicious links and attachments can be disguised to appear genuine to the average user.
Once inside the network, the malware could spread stealthily and infect a good number of computers before it gets detected. While ransomware would announce its intent quickly and loudly through a ‘pay-up notice’ on the infected screens, other malware could aim to steal as much data as possible before it gets located and shot down by the incident response (IR) team.
Responses must get orchestrated
In order to effectively counter the newer breeds of AI-armed attacks, the responses must get smarter, faster, and better. An organization’s best approach is automation and intelligent orchestration of people, processes, and technologies.
It is critically important that IR teams stay updated on the latest threat vectors and on the ways to neutralize those potential attacks in a timely manner. It is equally important that the IR team be able to seamlessly educate and inform internal users about the latest social engineering tactics being employed by attackers. This simple but timely measure could reduce the chances of users falling easy prey to malware traps and could help foil even a coordinated attack.
Further, even if malware manages to engineer its way onto a user’s device, the network should be intelligent enough to identify the threat vector and trigger a first-line-of-defense mechanism. It should also send an automated alarm to other relevant IT security systems as well as people.
How can enterprises achieve intelligent orchestration of people, processes, and technologies? What are the tools and mechanisms that can make this happen? An advanced orchestration platform that helps accelerate response should be an integral part of an organization’s security strategy.
To know more about IBM Resilient Incident Response Platform, log on to https://ibm.co/2Zd4VkZ
Want to know more about Battling Complex Cyberattacks? Download the whitepaper here https://ibm.co/2VNyAzc