The world is at the beginning of a cyber arms race, with defence teams and threat actors gearing up to square off against each other in cyber warfare, according to a leading cyber security expert.

• Black Hat Usa 2019
• Lack Hat Asia Bhasia 2019 Calendar
• Blackhat Asia 2019 Agenda

Black Hat is returning to Marina Bay Sands in Singapore, March 26-29, 2019. The information security community will come together for hands-on Trainings. BHAsia 2019 AcuTherm: ขโมยรหัสผ่านด้วย Acoustic & Thermal Side-channel Attack. ภายในงานประชุม Black Hat Asia 2019 ที่เพิ่งจัดไปเมื่อสัปดาห์ที่ผ่านมา Ercan Ozturk นักวิจัยจากคณะ.

Speaking at Black Hat Asia 2019 in Singapore last week, Mikko Hypponen, chief research officer at F-Secure, noted that technology is already shaping wars, and that the arms race is now squarely in cyber space.

“We might very well be spending the next 60 years in a cyber arms race,” said Hypponen, who has been tracking online crime since 1991.

Although the volume of traditional weapons – fighter jets, aircraft carriers and nuclear weapons – possessed by each country is more obvious, there is far less clarity on who is developing tools for use in cyber warfare.

“Cyber attacks are effective, affordable and deniable – they get the job done and you can deny that it is your weapon,” said Hypponen. “That’s a great combination in any weapon”.

Going forward, conflict could extend beyond land, sea and air to new domains like the realms of DNA warfare or nanotechnology.

Hypponen said the breadth of cyber warfare covers a wide area, with more devices and endpoints being added to the internet of things each day.

The definition of computers has also gone beyond its original meaning, where standalone devices, and even a nation’s infrastructure such as power plants and transportation systems, are connected to the internet.

“It means that IT managers need to shift from protecting computers to protecting everything,” said Hypponen.

Artificial intelligence (AI) and machine learning are currently being used in cyber warfare, but more for defence rather than offence.

AI-savvy IT workers are highly sought after, and are unlikely to fall in line with cyber criminals. The challenge, however, will be when AI becomes pervasive, spawning more cyber attacks as a result, Hypponen said.

“The lack of skill protects us now, but it is not going to protect us much longer,” he added.

IDC Asia-Pacific’s senior market analyst, Sherrel Roche agreed that AI is making an impact in cyber security and is being used by both defence teams and threat actors.

So far, AI has shortened the time to launch cyber attacks like ransomware, spear phishing, cryptojacking and formjacking, Roche said.

“These advanced technologies enable malicious code to circumvent perimeter security and mine through unstructured data that might be blind to the untrained human eye or is not immediately obvious,” she added.

Given the complex threat environment, Roche said users are turning to e-mail filtering services that use AI to detect anomalies and suspicious looking content.

Users also use security analytics powered by machine learning to discover potential malicious activities, by analysing the activity of users and related entities such as hosts, applications and data repositories, and to provide insights on log data from devices where agents cannot be deployed.

Another tool is user behaviour analytics that is being used to detect compromised credentials, lateral movement and high-risk behaviour that falls out of baseline profiles, in endpoint and security products as well as managed security services.

Read more about cyber security in ASEAN

• How Singapore went from not having a central agency to coordinate cyber security efforts across various government and security agencies, to becoming a regional thought leader in cyber security.
• A security expert has called for businesses to manage the risks of adopting new technologies and improve their cyber hygiene, rather than see AI as a panacea for their security woes.
• Southeast Asian ride-hailing firm Grab prefers detective controls rather than preventive ones to deter cyber threats.
• Even as Southeast Asia works towards coordinating cyber security strategies, more needs to be done to establish cyber norms.

Make 2019 the year of great IT decisions

Before any investment, how about taking a look at your peers' IT priorities for 2019? Download the results of our survey right now to find out in which areas IT decision makers are planning to invest in the nearest future!

Black Hat Usa 2019

• In The Current Issue:
  • Skills, digital and the manufacturing sector
  • The changing face of enterprise collaboration
  • Perfect storm for data science in security

• The blockchain effect: why businesses need to prepare employees– Eyes on APAC
• Wider DevOps needs sharper identity certificates – CW Developer Network

Lack Hat Asia Bhasia 2019 Calendar

• Offensive AI unlikely in the near future, says Mikko ..– ComputerWeekly.com
• UK urged to up spending on cyber defence– ComputerWeekly.com
• Work needed to ensure positive tech revolutions, says..– ComputerWeekly.com

The world is at the beginning of a cyber arms race, with defence teams and threat actors gearing up to square off against each other in cyber warfare, according to a leading cyber security expert.

Blackhat Asia 2019 Agenda

Speaking at Black Hat Asia 2019 in Singapore last week, Mikko Hypponen, chief research officer at F-Secure, noted that technology is already shaping wars, and that the arms race is now squarely in cyber space.

“We might very well be spending the next 60 years in a cyber arms race,” said Hypponen, who has been tracking online crime since 1991.

Although the volume of traditional weapons – fighter jets, aircraft carriers and nuclear weapons – possessed by each country is more obvious, there is far less clarity on who is developing tools for use in cyber warfare.

“Cyber attacks are effective, affordable and deniable – they get the job done and you can deny that it is your weapon,” said Hypponen. “That’s a great combination in any weapon”.

Going forward, conflict could extend beyond land, sea and air to new domains like the realms of DNA warfare or nanotechnology.

Hypponen said the breadth of cyber warfare covers a wide area, with more devices and endpoints being added to the internet of things each day.

The definition of computers has also gone beyond its original meaning, where standalone devices, and even a nation’s infrastructure such as power plants and transportation systems, are connected to the internet.

“It means that IT managers need to shift from protecting computers to protecting everything,” said Hypponen.

Artificial intelligence (AI) and machine learning are currently being used in cyber warfare, but more for defence rather than offence.

AI-savvy IT workers are highly sought after, and are unlikely to fall in line with cyber criminals. The challenge, however, will be when AI becomes pervasive, spawning more cyber attacks as a result, Hypponen said.

“The lack of skill protects us now, but it is not going to protect us much longer,” he added.

IDC Asia-Pacific’s senior market analyst, Sherrel Roche agreed that AI is making an impact in cyber security and is being used by both defence teams and threat actors.

So far, AI has shortened the time to launch cyber attacks like ransomware, spear phishing, cryptojacking and formjacking, Roche said.

“These advanced technologies enable malicious code to circumvent perimeter security and mine through unstructured data that might be blind to the untrained human eye or is not immediately obvious,” she added.

Given the complex threat environment, Roche said users are turning to e-mail filtering services that use AI to detect anomalies and suspicious looking content.

High power rifle shooting jacket. Users also use security analytics powered by machine learning to discover potential malicious activities, by analysing the activity of users and related entities such as hosts, applications and data repositories, and to provide insights on log data from devices where agents cannot be deployed.

Another tool is user behaviour analytics that is being used to detect compromised credentials, lateral movement and high-risk behaviour that falls out of baseline profiles, in endpoint and security products as well as managed security services.

Read more about cyber security in ASEAN

• How Singapore went from not having a central agency to coordinate cyber security efforts across various government and security agencies, to becoming a regional thought leader in cyber security.
• A security expert has called for businesses to manage the risks of adopting new technologies and improve their cyber hygiene, rather than see AI as a panacea for their security woes.
• Southeast Asian ride-hailing firm Grab prefers detective controls rather than preventive ones to deter cyber threats.
• Even as Southeast Asia works towards coordinating cyber security strategies, more needs to be done to establish cyber norms.

Make 2019 the year of great IT decisions

Before any investment, how about taking a look at your peers' IT priorities for 2019? Download the results of our survey right now to find out in which areas IT decision makers are planning to invest in the nearest future!

• In The Current Issue:
  • Skills, digital and the manufacturing sector
  • The changing face of enterprise collaboration
  • Perfect storm for data science in security

• The blockchain effect: why businesses need to prepare employees– Eyes on APAC
• Wider DevOps needs sharper identity certificates – CW Developer Network

• Offensive AI unlikely in the near future, says Mikko ..– ComputerWeekly.com
• UK urged to up spending on cyber defence– ComputerWeekly.com
• Work needed to ensure positive tech revolutions, says..– ComputerWeekly.com