IoT malware, machine learning attacks and a strong uptick on public-facing ransomware are all on the near threat horizon, warns Darktrace

Charlee Gothard
clock • 2 min read

"We need to change the way we approach security," says Peppa Wise

The IoT, machine learning and a doubling-down on public-facing ransomware are all on the IT threat horizon, enterprise immune system firm Darktrace has warned.

The overriding issue in the modern landscape, explained Darktrace's cyber security executive Peppa Wise, is how fast malicious actors are now able to work.

"Rules and signatures mean we're always one stage behind an attacker, because we're having to patch, create rules and signatures as soon as we've seen an attack, and they're not letting us put ourselves in front of the attacker and protect against attacks we've never seen before," said Wise, who was speaking at Computing's 2017 Big Data and IoT Summit.

"We've also seen a big change in the types of threats that are out there. It's no longer just data being stolen for financial gain that we need to be worrying about - trust attacks are a massive thing that we're seeing q lot more of at the moment."

Wise flagged compromised data to reputational damage "for sabotage", rather than the more traditional acts of stealing critical financial information for financial gain.

"Data compromise and loss of data integrity can be a lot more scary than that data just being stolen in the first place.

"If we considered an attacker from the inside changing records in a hospital, say altering blood types on a system, and then that hospital having no idea which blood types or which persom had been changed, yopu can imagine the absolute chaos that would cause for our NHS - it's much scarier than that data jjust being taken off the network in the first place," said Wise.

Wise said the industry should also expect an increase in attacks "flagged up on devices we're able to access," a given example being ATMs, or payment points in shops.

"These are attacks that could see the public pressuring an organisation to pay up in a ransomware attack, or take quick action."

Wise also flagged a rise in insider attacks ("Yes, that's your employees") who may be either stealing records for their own ends, or simply trying to work at home easier.

Finally, AI and machine-learning-driven attacks are a major upcoming threat, said Wise.

"We've seen examples of this with polymorphic malware and ransomware - created specifically to evade detection from security tools, to be able to hide in networks and strike when the time is right."

"This is worrying, and show we need to be changing the ways we approach security, and probably taking it a lot more seriously," said Wise.

You may also like
Accidental exclusion exacerbating cyber's staffing problem

Careers and Skills

Many people who would excel in cybersecurity roles see no obvious way in, with those that do make it getting stuck in entry-level positions

clock 12 May 2023 • 4 min read
Former Head of Police National Cyber Crime Unit joins Cybersecurity Festival

Leadership

Charlie McMurdie spent 32 years in the Met and built the Police Central e-crime Unit

clock 29 March 2023 • 2 min read
Security challenges: Five midsize IT leaders on where they need help

Security

From ransomware and malware to the Internet of Things, midmarket IT leaders are staring down a number of security threats, often with limited resources at hand.

clock 28 March 2023 • 8 min read

More on Security Technology

Checkmarx: 'It's very difficult for CISOs to know how to safely incorporate genAI'

Checkmarx: 'It's very difficult for CISOs to know how to safely incorporate genAI'

'It’s an unfortunate reality that developers have not traditionally been big fans of security'

clock 26 March 2024 • 5 min read
UK's biometrics commissioners steps down, signalling missteps

UK's biometrics commissioners steps down, signalling missteps

Home Office is ignoring new technologies

Muskan Arora
clock 31 January 2024 • 4 min read
Endpoint is the path of least resistance, says Threatlocker

Endpoint is the path of least resistance, says Threatlocker

IT Leaders Summit debates the true purpose of endpoint security.

Penny Horwood
clock 05 October 2023 • 2 min read