The Centripetal Blog

Centripetal Directly Addresses Top 6 Emerging Threats

Posted by Colin Little on August 20, 2018

I recently read an interesting article, which nicely summarized a view of the top 6 emerging cyber security threats being faced in 2018. I was pleased, yet not surprised, that Centripetal’s CleanINTERNET security service is perfectly aligned to address all these threat landscape issues with ease, automation and comprehensiveness. I wanted to share this simple threat list with people who read our blog. It is important to know that our core security platform Blocks and Shields networks of all sizes against each one of the threats listed in this article, providing much-needed 7/24 protection to our clients’ networks.

Article referenced: The Top 6 Emerging Threats To Cyber Security This 2018, By Sophia Smith, Aug. 2018

Here are the 6 emerging threats listed, along with my brief thoughts and comments:

  1. Phishing – Without a doubt one of the greatest threats to any size network; users and their assets make up one of the largest and easiest attack surfaces for cyber criminals. Personally, I like how Centripetal’s security service addresses this by not only blocking inbound email traffic based on the threat intelligence associated with its source, but also blocking the outbound traffic when the user actually clicks ‘what the attacker wants them to’ and blocking the computer from going out to that website to download potential malicious files.

  2. Ransomware – This wasn’t a real threat when I first got into cyber security several years ago, but when this threat started becoming popular with cyber criminals we took a lot of pleasure in figuring out ways to stop them! This is a high-profile threat with the potential to cause a lot of damage; on the other side of that coin there is also a lot of threat intelligence associated with Ransomware. Because of the high-fidelity threat intel available, Centripetal’s service is perfectly positioned to stop this threat either when the executable is downloaded or when the executable reaches out to C2 for key exchange.

  3. Crypto-currency Mining – While this may seem to be just a nuisance and easy to get rid of, malicious mining represents the next evolution of Ransomware in a sense by making it easier for cyber criminals to monetize their crime. True to the trend of cyber crime in general, malicious mining is not something one needs a lot of skill and experience to participate in. Indeed, any person with a computer can get swept up in cryptojacking. Thankfully, Centripetal can easily see indicators of malicious mining, both in enterprise environments using IP/port combinations and in individual user environments, by utilizing threat intelligence specifically tailored to track websites that mine without the user’s permission.

  4. The Weaponization of Artificial Intelligence – AI is now baked into many key applications and cyber criminals know that there is a lot of harm and profit that can come from infiltrating this machine learning world in which we live. If AI is manipulated for malicious reasons, then the outcome may be very bad. This is why deploying a solution like CleanINTERNET is so important: having real-time threat protection on all inbound and outbound traffic, keeping a strong shielding posture and enforcing an advanced security policy is the only way to protect against the next wave of cyber-attacks.

  5. Cyber-Physical – This is the nightmare scenario, right: a virus that doesn’t just display silly advertisements, doesn’t care about money or click fraud information. These malware families are out to destroy your information and data on your computer. While reading the summary of attacks listed in the article, it occurred to me that they are all nation-state level attacks going from one nation to another. While not necessarily threat intelligence, Centripetal combats this threat by clearly listing the geographic location of all ITAR-related IP addresses. We also track the intelligence associated with the download and C2 vectors.

  6. Malvertising – Another threat which has emerged within the last few years and yet another example of how cyber criminals will leverage legitimate services to do bad things to good people. Cyber security professionals and IT administrators alike struggle with enterprise-level solutions to this threat. Centripetal’s service blocks potentially malicious advertisements, while still allowing the content of the page to load, by using threat intelligence feeds targeted towards identifying sources of the threat. We also use threat intelligence feeds that target the goals of the cyber criminals behind the threat, such as targeting botnets and recent intrusion methods.

In summary, it is very inspiring to me as an experienced cyber analyst that Centripetal’s CleanINTERNET service does so much to combat contemporary threats with minimal impact to operations across so many threat vectors. In all my time working in the security field, I have never seen a security appliance or service that does so much in a one-stop solution!


Tags: Analytics, Intelligence, Artificial Intelligence, Security, Splunk, CleanINTERNET, Centripetal