Expanding enterprise attack surface | Bfore.AI
As organizations face security breaches, AI can be a force multiplier, allowing security teams to not only react faster than cyber attackers can move, but also to anticipate those moves and act ahead of them.
Despite significant investments in security technology, organizations continue to struggle with security breaches: their adversaries are quick to evolve their tactics and stay ahead of the technology curve. Humans may soon be overwhelmed by the volume, sophistication and difficulty of detecting cyberattacks.
Meanwhile, the cost of cybercrime continues to climb; it is expected to double from US$3 trillion in 2015 to US$6 trillion by the end of 2021 and reach US$10.5 trillion by 2025. The average cost of a single data breach in 2021 was US$4.24 million, a 10 percent increase from 2019. According to insurer AIG, ransomware-related claims alone have increased by 150% since 2018.
Organizations’ attack surfaces are expanding exponentially. The adoption of 5G networks and increased network connections, along with a more distributed workforce and broader partner ecosystem, can present new risks. They expose the enterprise outside its firewalls and push it to customer devices, employee homes and partner networks.
More remote workers
Before COVID-19, only about 6% of employees worked from home. By May 2020, about 35 percent did. In the first six weeks of the 2020 shutdown, the percentage of attacks on home-based workers increased fivefold, from 12% to 60%. One survey found that 51 percent of respondents saw an increase in email phishing after switching to a remote work model.
For many workers, remote work is expected to remain the rule, not the exception, offering cybercriminals many new opportunities. For example, outside the security of corporate firewalls and web security gateways, remote workers are easier to target. They rely on home networks and VPN connections and often use unsecured devices to access cloud-based applications and data. In addition, existing on-premises security equipment is typically designed to support corporate networks, not home Internet access. With employees logging in from atypical locations and devices at unusual times, it can be more difficult to identify anomalous behavior, which can lead to an increase in false positives.
Increase in network-connected devices
5G, IoT, Wi-Fi 6 and other network advancements are leading to an increase in devices connected to the network. Cybercriminals looking for a flexible attack vector will have a growing number of network-connected physical assets to choose from: 29.3 billion by 2024, according to one estimate.
The unprecedented number of devices connected to these networks produces data that needs to be processed and secured, contributing to data congestion in the SOC. Tracking and managing assets, their purpose and expected behavior can be difficult, especially when managed by service orchestrators.
Instead of being centrally located and controlled, many of these devices are spread across multiple remote sites, operating in multiple edge environments where they collect data to be sent back to the enterprise. Without proper security precautions, devices can be compromised and continue to operate normally on the network, becoming bots controlled by intruders who can spread malicious code or conduct swarm attacks.
A broader ecosystem of third-party partners
An increasingly global supply chain and hosted data, infrastructure and services have long contributed to third-party risk. And as more organizations integrate data with third-party applications, APIs are a growing security concern. Gartner predicts that by 2022, API abuse will become the most common enterprise attack vector.
Third-party breaches are becoming increasingly complex. Five years ago, an intruder could use widely available malware to target specific IT systems, obtain contractor credentials and steal customer data. That was admittedly a tricky operation, but one with a clear source, where the damage could be monitored and repaired. Such an attack pales in comparison to today’s sophisticated intrusions, in which information stolen from one company can be used to compromise thousands of its customers and suppliers.
5G network adoption
The shift to 5G’s combination of software-defined, distributed and hardware networks, open architectures and virtualized infrastructures will create new vulnerabilities and a larger attack surface, requiring more dynamic cyber protection. By 2025, market watchers predict there will be 1.8 billion 5G mobile connections (excluding IoT), up from 500 million in 2021, and about 3.7 billion cellular IoT connections, up from about 1.7 million in 2020.
From autonomous vehicles and drones to smart factory devices and cell phones, a whole ecosystem of public and private devices, applications and services connected to the 5G network will create additional potential entry points for hackers. Each asset will need to be configured to meet specific security requirements. And with the increasing variety of devices, the network becomes more heterogeneous and more difficult to monitor and protect.
It’s time for AI, a force multiplier that allows organizations to not only react faster than attackers can move, but to anticipate and react to those moves in advance.