
Predicting the Next Cyber Attack

Lumen Posted On March 16, 2017

Do you know where the next cyberattack will strike or when it’s likely to happen? Using machine learning techniques and data analysis, it’s now possible to forecast cyberattacks with a decent degree of accuracy.

Mind you, we can’t pinpoint the exact time of an attack, but like weather forecasters, we can review the available data, look for digital fingerprints and behavior patterns and assess whether a specific target is in the crosshairs of cybercriminals. Like sharks circling prey, attackers exhibit certain behaviors and characteristics when they’re planning to strike, and we’re getting better at detecting the early stages of their kill chain.

In some recent cases, Black Lotus Labs identified behavior signaling an imminent attack and notified the targets. Our researchers noticed attackers were poking and prodding around the target, and even conducted small-scale test attacks as a precursor to a much larger action. This type of behavior is pretty typical. Think of it as the terrorist “chatter” intelligence agencies talk about when warning of an imminent attack. 

Early Signs

You’ll recall the massive distributed denial of service (DDoS) assault on Dyn in October 2016. The attack blacked out popular websites such as Netflix, Twitter and Reddit, starting on the East Coast and rolling westward.

Leveraging computers and Internet of Things devices such as webcams, the perpetrators targeted Dyn’s servers because the company is a DNS provider, acting as a kind of internet switchboard. Targeting a DNS provider delivers a bigger bang because the provider connects with so many other companies.

When the big attack took place, we provided Dyn with information on the types of code, ports and protocols used by the perpetrators.

In another case, we picked up on the preparations for an attack on an online gaming company just as it got ready to launch a new game. Perpetrators conducted small test attacks and performed vulnerability scans, using botnets known to deliver DDoS attacks.

We put protections in place, and when the attackers struck, we were able to fend them off. In this case, attackers targeted the login portal, which they concluded was the most vulnerable target in the gaming company’s infrastructure.

Evolving Science

Predicting cyberattacks isn’t an exact science. But this area of cybersecurity is developing quickly, and we are making great strides. It will become more and more reliable as we continue to collect and analyze new strains of malware, identify their origins, and determine how they are used and what damage they can inflict. We are also getting better at monitoring attack patterns within specific vertical industries and using the information to help predict attacks on other organizations in the same – and related – verticals.

With machine learning and data analysis, we can track malware and cybercriminals’ movements. We can look at IP addresses of potential victim sites and keep an eye on botnets designed to steal data and deliver DDoS attacks. We catalog the specific characteristics and profiles of victims that make them a target to complement the work we do in tracking down known attackers’ traits.

These activities refine our forecasting. They allow us to do reconnaissance and raise the red flag when an attack is imminent. These predictive capabilities aren’t unlike the scouts used by the vast Roman and Mongolian armies to track their enemies’ movements — or the hot-air balloons employed by the French in the 18th century for military reconnaissance.

Predictive tools and techniques offer us another weapon in the fight against cybercrime. They give organizations more than a fighting chance to fend off cybercriminals and their seemingly bottomless cache of attack methods and malware variants.

A More Proactive Approach

It’s important to remember that predictive tools and techniques don’t replace other cybersecurity components. Organizations still need firewalls, endpoint protection, intrusion detection, web filtering and all the other necessary layers of security. Predictive analysis adds another layer and turns what has primarily been a passive discipline of building up defenses and waiting into a more proactive approach against cybercrime.

Predictive cybersecurity is at best a forecast, and like any other type of forecast, it’s not perfect. But as we refine data-collection methods and analytics tools, accuracy will improve. As a result, we will get better at predicting and stopping cyberattacks.
