Cyber-attacks against organisations in 2017 will continue to be as successful as they were last year, because organisations aren't addressing the pain points they had last year, a new report says.
Fujitsu's "Blind spots and security basics – letting your guard down could cost you in 2017” report says attacks over encrypted channels will continue to be missed, due to the lack of SSL inspection capabilities.
The rise in attacks against enterprises using Microsoft PowerShell will continue, because many organisations lack adequate protection for malicious use. As it’s already part of the Windows system, it is easier for attackers it, and difficult for network defenders to identify malicious use.
Attackers are using tools like the PowerShell Empire, frequently used by penetration test teams, as well, it was said.
According to Fujitsu, one of the solutions being implemented by organisations everywhere is the AI. Machine learning is being deployed to learn ‘what good looks like’, so any deviation from this should be deemed suspicious.
“Core network monitoring for anomalous behaviour such as large transactions or first attempts to access a database will be a change in approach for security operations centres, who need to move towards an intelligence-led approach,” the report said.
Besides acting on ‘known bad’ traffic, security pros will now need to pay attention to what the machine learning algorithm spots, as well. Fujitsu believes attackers will try using the same AI capabilities, so it’s going to be an interesting 2017 in terms of AI vs AI.
Image Credit: Wright Studio / Shutterstock