Cybercriminals to use AI/ML, edge computing in increasingly sophisticated attacks: Fortinet

Cybercriminals are moving away from traditional methods and adopting sophisticated AI and ML-backed tools to attack organisations, California-based cybersecurity solutions provider Fortinet says in its latest report. 

The report by FortiGuard Labs team also highlights the strategies that companies can use to protect themselves against such attacks. 

Given the sophistication and volume of cyberattacks, organisations need to real-time counter-attack solutions.  

The report also makes a case for developing security-focused artificial intelligence solutions to create an adaptive immune system for the network, similar to a biological immune system. 

Machine learning development is expected to rely on a flood of relevant information coming in from the edge devices towards local learning nodes through which the AI system will also be able to refine how local systems respond to local events.

Threat intelligence gives cyber defenders an advantage in these attacks. But the increased use of deception technologies could spark retaliation by cyberattackers. Organisations could in turn counter this by adding playbooks and more pervasive AI to their deception strategies.

Law enforcement organisations are now establishing global command centres and connecting them to systems in the private sector to counter attacks in real-time. Fortinet says that a fabric where the law enforcement and the public and private sector can collaborate can lead to better identification and response to cybercriminals while protecting critical infrastructures.

 However, the cybercriminals also seem to be adopting sophisticated cyber-attack tactics backed by intelligent and AI-enabled systems.  With the rise in the use of advanced evasion techniques that are designed to prevent detection, disable security functions and operate using living off the land strategies (LOTL), cybercriminals are also keeping law enforcement agencies on their toes.

The report also spoke about the rise of swarm technology (collective behaviour of decentralised, self-organised systems, natural or artificial.) which if used maliciously, could cause issues if organisations do not update security strategies. 

5G and edge computing could also be weaponised, with individually exploited devices becoming a conduit for malicious code and groups of compromised systems could also work in concert to target victims using 5G speeds.