December 20, 2018 at 7:05 am #27714
- Topic 842
- Replies 0
- posts 842
#News(Security) [ via IoTForIndiaGroup ]
echday spoke to Fortinet security insights and global threat alliances chief Derek Manky about the concept of swarm intelligence and why Internet of Things (IoT) devices are the path of least resistance.
Tell us about the concept of swarm intelligence.
It’s a strength in numbers concept; by acting together as a cluster and intelligently communicating, computer and robot are able to achieve tasks that they cannot do on their own.
When it comes to examples like ants, they collectively talk to each other and work together to be able to process physical gaps in space, from tree branch to tree branch by forming bridges on their own.
Essentially, multiple agents forge together and conquer to achieve a greater task.
How do swarm intelligence attacks differ from traditional botnet attacks?
The first idea of Swarm Intelligence was actually coined in 1989.
At that time, it wasn’t being applied to cybersecurity, it was applied to nature but has since been adopted with the rise of robotics and AI.
If we look at traditional botnets and their effect, botnets are monolithic in a sense that they’re somewhat dumb.
They wait for commands from the bot herder (master) in order to execute an attack.
But what if these nodes were able to make autonomous decisions with minimal supervision, use their collective intelligence to solve problems, or simultaneously target multiple vulnerability points in a network using a variety of penetration and exploit techniques?
This is what happens with a swarmbot attack, allowing them to penetrate a network and source intellectual property or data that can be monetised by the attacker.
What are swarmbots and what are the potential impacts that they can have on organisations?
The idea of swarmbots is taking the human attacker out of the loop of botnet attacks, because humans are slow.
If you think of hundreds of thousands of infected machines that can actually talk to each other, they become more agile, quicker and increasingly efficient.
They are able to talk to each other, take action based on shared local intelligence, use swarm intelligence to act on commands without the botnet herder instructing them to do so, and recruit and train new members of the hive.
As a result, as a swarmbot attack that identifies and comprises of more devices will be able to grow exponentially, and thereby widen its ability to simultaneously attack multiple victims
And that’s what we’re starting to see, although in the early stages.
Swarmbots are primarily focused on connected IoT devices as this means there is a significant network which the swarm can move in and try to find the data to infiltrate – it’s a larger attack surface.
You must be logged in to reply to this topic.