For Most Organizations, the Full Capabilities of Security Automation Are Still Untapped
Modern security threats come in many different forms, which is part of the reason why addressing them is so challenging and there is a dire need for security automation. But despite recent advancements, the barriers to adoption for automation software remain high, particularly within the security industry.
Cyberattacks have long used automation. It makes things simple for the attacker to create, test, fire and forget. Code can be reused with little modification and enhancements added with minimal work. This is the way it has been since the very beginning of malware development. There are brute-force attacks that use a variety of credentials to gain access, port-scan attacks that prod network ports to find one unprotected and lateral propagation where software installed on a computer spreads automatically to vulnerable devices. Each of these uses packaged tools to automate one or more steps in the process.
A past and future threat
Automated attacks are evolving fast. For example, there is growth in malicious tweets and chatbots that harvest personal information to use in phishing campaigns. The information can also be utilized for pre-infection tactics where malware is sent onto a network in advance to ensure it is ‘clean’ before executing an attack.
Automation Fact: In 2018, IBM research developed an automated malware named DeepLocker, which used automation and AI to hide in plain sight and only detonate when the correct target was detected. This code was developed to prove what is possible and gather data that will help defend against this type of attack in the future.
Att ..
Support the originator by clicking the read the rest link below.
