Page 79 - Cyber Defense eMagazine - September 2017
Formerly, phishing attacks relied primarily upon a malware-based payload such as a backdoor.
This strategy, however, is changing with the evolution toward cloud-based
Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS), and Software-as-a-Service (SaaS). Attackers
now leverage credential harvesting attacks to a greater degree to gain quick access to the
identifying credentials required by these services. This trend will likely continue, as link-based
attacks are difficult to detect and to remediate, and they can be rotated quickly. Such attributes
give the attacker an additional edge against the target and allow the attacker to more easily
overcome legacy-based security solutions.
In the future, prevention of cyber attacks will rely on machine learning and artificial intelligence.
While such terms and buzzwords may be frequently thrown around, learning from past cyber
attacks through automated models greatly reduces an organization's risk and exposure. For
example, credential harvesting pages set up by one actor are often similar to those set up by
another.
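The similarity between credential harvesting pages noted above can be measured structurally. The following is an added example, not from the original article: it reduces a page to its form skeleton and scores it against a previously seen harvesting page with Jaccard similarity over token shingles. The sample pages, the tag set and the function names are constructed assumptions.

```python
from html.parser import HTMLParser

STRUCTURAL = {"form", "img", "button", "div", "label", "a", "script"}  # assumed tag set

class FormSkeleton(HTMLParser):
    """Reduce a page to structural tokens; visible text and URLs are ignored."""
    def __init__(self):
        super().__init__()
        self.tokens, self.has_password = [], False

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "input":
            itype = (a.get("type") or "text").lower()
            self.has_password |= itype == "password"
            self.tokens.append(f"input:{itype}:{(a.get('name') or '').lower()}")
        elif tag in STRUCTURAL:
            self.tokens.append(tag)

def fingerprint(html, k=3):
    """Return (set of k-token shingles, whether a password field is present)."""
    p = FormSkeleton()
    p.feed(html)
    t = p.tokens
    return {tuple(t[i:i + k]) for i in range(max(len(t) - k + 1, 1))}, p.has_password

def score(page_html, known_html):
    """Jaccard similarity in [0, 1]; pages without a password field score 0."""
    cand, has_pw = fingerprint(page_html)
    known, _ = fingerprint(known_html)
    return len(cand & known) / len(cand | known) if has_pw else 0.0

# Constructed sample pages (not real captures).
KNOWN = ('<div><img src="logo.png"><form action="post.php"><label>Email</label>'
         '<input type="email" name="login"><label>Password</label>'
         '<input type="password" name="passwd"><button>Sign in</button></form></div>')
RESKIN = ('<div><img src="brand2.png"><form action="next.php"><label>User ID</label>'
          '<input type="email" name="login"><label>Passcode</label>'
          '<input type="password" name="passwd"><button>Continue</button>'
          '<a href="#">Forgot?</a></form></div>')
SIGNUP = ('<div><form action="/subscribe"><label>Email</label>'
          '<input type="email" name="email"><button>Subscribe</button></form></div>')
OTHER_LOGIN = ('<form><input type="text" name="user"><input type="password" name="pw">'
               '<div><a href="/reset">Reset</a></div><button>Go</button></form>')

if __name__ == "__main__":
    for name, page in [("reskin", RESKIN), ("signup", SIGNUP), ("other", OTHER_LOGIN)]:
        print(name, round(score(page, KNOWN), 3))
```

Because the fingerprint ignores branding, wording and link targets, a re-skinned copy of a known page still scores high, while an unrelated login form does not.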
Which Actors Are Winning the Cyber War?
When we think about cyber war, China has already won the first battle for many reasons, having
exfiltrated terabytes of valuable intellectual property, personally identifiable information, and
intelligence data. Iranian-backed interests attacked Saudi Aramco in 2012, wiping out tens of
thousands of computers; this act represented the first strike in a destructive cyberwar. Russia
too has altered the threat landscape with its successful information warfare
campaigns, which injected doubt and discord into a foundational process of the free modern-day
society. Russia thus exploited freedom of speech to its own advantage and effectively won the
third battle of the cyber war. North Korea, quietly copying Iran, “won” its skirmish with Sony.
The future of cyber security is continually evolving toward greater complexity. With mobility
increasing, the former defense-in-depth approach involving multiple layers of network security
has fallen flat in the face of SaaS, PaaS, and IaaS-based applications. To evolve effective
protection, defenders must now look to the means of attack delivery: phishing (email, social
media, SMS attacks) and application exploitation.
New Attacks Arrive in Deceptive Packages
A glance at the headlines is enough to convince us that evolution is well underway in attack
delivery. The multi-vector nature of phishing means that these attacks now happen across
email, web and network vectors. While email-borne phishing generates the most dramatic
headlines and notorious infections, such as WannaCry and BEC deceptions, a cyber attack is
actually a three-vector interaction: when users encounter a phishing email, they are customarily
induced to click on a link to a compromised web site, such as their own bank’s (phony) online
Copyright © Cyber Defense Magazine, All rights reserved worldwide.