Sure, malware’s a persistent pain. But IT security pros today have other things on their minds.
Carbon Black, a Waltham, Mass. security vendor, recently polled 400 cybersecurity researchers. The majority of them, 93 percent in fact, said that non-malware attacks posed a bigger danger to businesses than the current crop of commodity malware that’s making the rounds on the internet.
“Non-malware attacks will become so widespread and target even the smallest business that users will become familiar with them,” according to an unnamed survey participant. “Most users seem to be familiar with the idea that their computer or network may have accidentally become infected with a virus, but rarely consider a person who is actually attacking them in a more proactive and targeted manner.”
A majority of respondents (64 percent) said they have witnessed a marked increase in attacks of the non-malware variety since the start 2016, seemingly signifying an escalation of sorts in the endless battle against cyberattacks.
“Among the most common types of non-malware attacks researches reported seeing were: remote logins (55 percent), WMI-based attacks (41 percent), in-memory attacks (39 percent), PowerShell-based attacks (34 percent), and attacks leveraging Office macros (31 percent),” blogged Michael Viscuso, founder and chief technology officer of Carbon Black.
Despite the buzz it’s generating, most security pros aren’t quite rushing to enlist artificial intelligence (AI) into the fight. A whopping 87 percent said that it will take at least three years before they can trust AI to guide their cybersecurity efforts.
“AI and ML’s [machine learning’s] roles in preventing cyberattacks have been met with both hope and skepticism,” remarked Viscuso. “They have been marketed as game-changing technologies though doubts still persist, especially when used in siloes. Their emergence is due largely to the climbing number of breaches, increased prevalence of non-malware attacks, and the waning efficacy of legacy antivirus (AV).”
In short, human attackers are proving to be craftier than AI defenders, at least for now.
“Three quarters (74 percent) of researchers said AI-driven cybersecurity solutions are still flawed. 70 percent of security researchers said attackers can bypass ML-driven security technologies; and nearly one-third (30 percent) said ML-driven security solutions are easy to bypass,” Viscuso added.
Although Carbon Black’s data paints a disturbing picture, it also provides some insight into areas that IT security personnel should focus on fortifying.
The popular targets for attackers are customer data (62 percent), followed by corporate intellectual property 53 percent. Many attackers are also satisfied with disrupting a service (51 percent), pilfering credentials (42 percent) and getting their hands on financial data (41 percent).