Cyberattacks are on the rise, and the attack surface is expanding. According to a recent report by security geek Derek Manky, the increase of online devices and digital tools, along with the need for accountability on multiple levels, is creating vulnerability for the digital economy.
Manky, the global security strategist at Fortinet Inc., joined Peter Burris (@plburris) and Lisa Martin (@Luccazara), co-hosts of theCUBE, SiliconANGLE Media’s mobile live streaming studio, at the Fortinet Accelerate 2017 event to discuss Fortiguard Labs and its commitment to beating the bad guys to the punch. (*Disclosure below.)
A 15-year veteran of the cybersecurity industry, Manky leads a team of more than 200 top threat intelligence researchers and analysts at Fortiguard Labs to investigate and protect against the latest threats, battling to win the global war on cybercrime.
Manky is in the spotlight as theCUBE’s Guest of the Week.
The brightest minds prepare for battle
The team of experts at the lab performs what Manky calls “reverse engineering” on malware samples to find the attacker’s digital fingerprints. They focus on several areas, including industrial attacks, mobile platforms and malicious websites. Additionally, the company invested plenty of resources in artificial intelligence and machine learning to deep-dive into more than 50 billion attacks a day.
“We cannot win this war alone, just relying on the brightest minds in the world, but we can’t also rely 100 percent on machines to control threats. You can never trust 100 percent … automation, rather you can get up to 99 percent with automation. But you still need those bright minds looking at it,” Manky asserted. He believes in using the machines to find the needle in the haystack and escalate big attacks to the brilliant minds at the lab.
Manky explained that for every legitimate model created, there is an illegitimate model to follow, especially in the digital underground and dark web. Artificial intelligence helps to locate attacks; however, as stated earlier, the attack surface has grown, with over 20 billion connected devices. For security teams, intrusion protection reaches far beyond personal computers, as the Internet of Things makes every connected device a target.
Nevertheless, cybercriminals are catching up. Manky described how they are developing automated systems and algorithms of their own, using them to do the heavy lifting while infecting systems. In any given minute, Manky and his team see anywhere from 500,000 to 700,000 hacking attempts across their infrastructures worldwide.
“Our job is to identify that – we don’t want to block things we shouldn’t. The emphasis is on the quality of intelligence as well, so we use machine learning to validate and protect against attacks,” he reported.
An AI arms race
Among the biggest threats Manky sees is autonomous malware getting into data and attack points. He pointed out that attackers seed the internet with what he refers to as “ticking time bombs.” These threats are ready to infect unsecured devices; machines are mapping out vulnerable points in systems and producing machine-against-machine attacks.
With the power of IoT comes responsibility. Manky believes it is necessary to hold IoT manufacturers accountable for security breaches. His report predicts that attacks targeting IoT devices will become more sophisticated and cybercriminals will exploit the weaknesses in the IoT communications and data gathering chain.
Yet with all the possibilities of breaches, there is hope. “I really firmly believe that this year is a year that we can have the advantage as white hats to get one leg up on the black hat attackers,” said Manky. He is confident that the fabric-ready approach that Fortinet is using will prevail.
Winning the war against cybercrime requires bringing everyone together. Manky is passionate about the Cyber Threat Alliance, cofounded by companies such as Fortinet, Intel Security, Palo Alto Networks and Symantec. The mission of the Alliance is “to disperse threat intelligence on advanced adversaries across all member organizations to raise the overall situational awareness in order to better protect their organizations and their customers.”
Manky also feels it is necessary for the industry to come together with law enforcement. If the company finds something incriminating, they do not have the authority to handle it. On the other hand, he noted, “They don’t have all that expertise and intelligence that we do … we need to work together.”
(*Disclosure: Fortinet Inc. and other companies sponsor some Accelerate 2017 segments on SiliconANGLE Media’s theCUBE. Neither Fortinet nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)