Authored by: Max Heinemeyer, Director of Threat Hunting at Darktrace
Cyber-attacks take off in space
The threat of cyber-attacks to satellites and other space-based assets has been bubbling up over the past decade with more countries and private actors investing in their ability to defend, and target, this technology.
In September, the White House released a new space policy directive detailing principles to help defend American space systems from cyber-threats, but it won’t stop hackers from trying to exploit vulnerabilities in increasingly digitised critical infrastructure in space. These cyber vulnerabilities pose serious risks not just for space-based assets themselves but also for ground-based critical infrastructure. If not contained, these threats could interfere with global economic development and, by extension, international security.
A growing number of space organisations have adopted AI to autonomously defend their space infrastructure, and we will see this trend grow in 2021 as cyber-attacks in space take off.
Hackers target trust
2020 was the year in which information and disinformation were pitted against each other, fuelled by deepfakes that both entertained and also distorted political discourse. Nation-state attackers were blamed for attacks targeting COVID-19 vaccine research.
2021 will see more so-called ‘trust attacks’ where sophisticated hackers use illegitimate access to computer networks not to steal data, but to subtly alter information and undermine its integrity. These attacks seek to erode trust in the data, and thereby in the institutions and organisations that are guardians to that data.
Next year we can expect attackers to launch trust attacks against businesses as well as national governments, as attackers seek to smear business’s reputations or disrupt economic activity.
5G ushers in a new wave of DDoS attacks
In 2021, 5G will enable a massive increase in connectivity and the emergence of new types of applications, emboldening hackers to launch more ambitious attacks.
We will see a resurgence of botnets and DDoS attacks, which will be able to target a far broader array of 5G internet-connected devices. These attacks don’t just threaten their intended targets, but can also affect network services and cause highly damaging network outages.
Internal security investigations will be performed by AI
In 2020, for the first time in history we saw artificial intelligence detect one of the most sophisticated cyber-attacks in the world; a nation-state attack from Chinese cyber espionage group APT41 (two weeks before humans were even aware the attack was taking place). Today AI is able to look through a computer network, investigate potential threats, and produce human-friendly written reports, ready for the boss to read. AI is doing this 9 times faster than a human could.
In 2021, the shift will continue, with more and more internal security investigations being performed by AI. AI will do the heavy lifting – understanding relevant context around a potential threat, testing hypotheses and producing a human-readable report, in seconds. The human is freed from this data-centric analytical work, instead focusing on business communication and making value judgements that need to be taken by humans.
This mutually-dependent partnership of human and AI will be the bedrock of cybersecurity in 2021 and beyond.