INTELLIGENT BRANDS // Enterprise Security
McAfee expert predicts weaponizing of AI to attack home networks
Sandeep Chandana , Director , Global Technical Support , McAfee , predicts heterogenous home networks will come under attack with the weaponizing of AI .
The COVID-19 pandemic has hastened
the pace of the corporate IT transition to the cloud , accelerating the potential for new corporate cloud-related attack schemes . With increased cloud adoption and the large number of enterprises working from home , not only is there a growing number of cloud users but also a lot more data both in motion and being transacted .
McAfee cloud usage data from more than 30 million McAfee MVISION Cloud users worldwide shows a 50 % increase overall in enterprise cloud use across all industries in the first four months of 2020 .
Our analysis showed an increase across all cloud categories , usage of collaboration services such as Microsoft O365 by 123 %, increase in use of business services such as Salesforce by 61 % and the largest growth in collaboration services such as Cisco Webex ( 600 %), Zoom (+ 350 %), Microsoft Teams (+ 300 %) and Slack (+ 200 %). From January to April 2020 , corporate cloud traffic from unmanaged devices increased 100 % across all verticals .
The increasing proportion of unmanaged devices accessing the enterprise cloud has effectively made home networks an extension of the enterprise infrastructure . We expect that widespread attacks will start weaponizing AI for better efficacy against thousands of heterogenous home networks .
One example could be a widespread brute force attack against O365 users , where the attacker seeks to leverage stolen credentials and exploit users ’ poor practice of re-using passwords across different platforms and applications . As many as 65 % of users reuse the same password for multiple or all accounts according to a 2019 security survey conducted by Google .
AI will be leveraged to exploit this practice at scale . Where an attacker would traditionally need to manually encode first and last name combinations to find valid usernames , a learning algorithm could be used to predict O365 username patterns . Additionally , instead of launching a classic brute force attack from compromised IPs until the IPs are blocked , resource optimization algorithms will be used to make sure the compromised IPs launch attacks against multiple services and sectors , to maximize the lifespan of compromised IPs used for the attacks . Distributed algorithms and reinforcement learning will be leveraged to identify attack plans primarily focused on avoiding account lockouts .
While the volume of sensitive data in motion increases and enterprise cloud postures mature , we also predict that the attackers will be forced to handcraft highly targeted exploits for specific enterprises , users and applications . The recent Capital One breach was an example of an advanced attack of this kind .
The attack was thoroughly cloud-native , it was sophisticated and intricate in that a number of vulnerabilities and misconfigurations across cloud applications ( and infrastructure ) were exploited and chained . It was not a matter of chance that the hackers were successful , as the attack was very well hand-crafted .
We believe attackers will start leveraging threat surfaces across devices , networks and the cloud in these ways in the months and years ahead . p
During the same period , McAfee witnessed a surge in attacks on cloud accounts , an estimated 630 % increase overall , with variations in the sectors that were targeted . Transportation led vertical industries with a 1,350 % increase in cloud attacks , followed by education (+ 1,114 %), government (+ 773 %), manufacturing (+ 679 %), financial services (+ 571 %) and energy and utilities (+ 472 %).
68
INTELLIGENTCIO NORTH AMERICA www . intelligentcio . com