According to Trend Micro, artificial intelligence adds a whole new dimension to the cyber threat landscape and forces companies to adapt their defenses accordingly.

The annual Trend Micro Risk to resilienceThis year the tour takes place in the sun-drenched winter garden of Plein Publiek, just a stone’s throw from the Scheldt. Attendees will gain insight from Trend Micro’s perspective into the broad attack surface being reshaped by AI.

We take this opportunity to congratulate Nadine Serneels on her new role as Head of Belux, especially as she is the first female leader in Trend Micro’s Benelux management team. She is rightly proud of this: “It feels fantastic!” Not only am I happy about the opportunity I was given, but this is also a big step in terms of diversity in the IT world,” says Serneels .

The new gold

Pieter Molen, Technical Director at Trend Micro, takes the lead with new insights into the current threat landscape, which is evolving rapidly every year. And that’s not surprising, because just as cybersecurity companies devote themselves to developing new tools, threat actors are also developing innovative attack techniques.

Ransomware still seems to be one of the most popular attack methods. “Hackers want to make money and that is certainly possible with ransomware, even if the methods are evolving rapidly.” Data has become the new gold,” emphasizes Molen. According to Molen, phishing has not disappeared from the threat landscape for one very simple reason: “It just works.” A now-ubiquitous two-syllable has given it a new dimension: AI.

AI cuts both ways

AI is now integrated into everything and is also leaving its mark on the security landscape. “On the one hand, AI offers many opportunities, but on the other hand, it creates additional security concerns,” says Serneels. “It’s how you use AI that impacts IT in general,” she continues.

“We can protect ourselves with AI, but we also have to protect ourselves from AI,” says Molen. AI brings new threat attacks that penetrate companies. Canadian Shannon Murphy, Global Security and Risk Strategist at Trend Micro, shows how she can create a deepfake video of herself in just a few clicks. Guests are impressed by how quickly, easily and cheaply such manipulative videos can be created. What’s even more surprising is how realistic the video is.

You can no longer blame the victim

Shannon Murphy, global security and risk strategist at Trend Micro

Murphy talks about different forms of fraud within organizations: from election manipulation to credible fake emails or deepfake videos. For example, phishing emails with an AI approach are now difficult to distinguish from amateurish phishing emails full of spelling errors, strange sentence constructions or strange characters. Thanks to these advanced new AI-based techniques, “you can no longer blame the victim,” emphasizes Murphy. It just looks so real.

Is it still safe to use MFA?

Various developments are taking place in the cybersecurity landscape to address all of these new complex threats. One of them is multi-factor authentication (MFA). It is an additional security measure that adds a layer of verification to your password.

A single password is therefore not enough: approval via SMS or verification app is required to log in. So hackers have to open two doors before they can get the data they want. “Still, you’re not 100 percent safe with MFA,” says Molen. Hackers are becoming increasingly innovative and creative in their methods of data theft. “By mimicking Microsoft pop-ups in a way that is difficult to detect, threat actors can easily obtain your username and password,” Molen said. Such attack techniques show that we should not blindly rely on such tools. The human eye is the most powerful weapon.

Multi-factor authentication is not dead yet

Pieter Molen, Technical Director Trend Micro

Although hackers may focus on cracking MFA, this does not mean that this security is completely abandoned. This is still relevant because, compared to other cyberattacks that are automated, this type of attack only has a high chance of success if it is carried out in a targeted manner. “Unless there is a threat actor specifically targeting you, such a (successful) MFA attack will not happen anytime soon,” Molen reassures the public.

Cyber ​​attackers are innovative, but so are cybersecurity companies. How do you as an organization best respond to such threats? “Make it particularly difficult for attackers: rapid response, prioritization and communication are crucial. Furthermore, prevention is better than cure. Therefore, ensure that security measures are continuously and proactively improved,” replies Molen.

Context is key

As a company, you are already well positioned to combat cyber attacks with a comprehensive plan and the right defense techniques. A stumbling block within the defense story is the timely and correct anticipation of suspicious activity within the corporate network.

“First of all, it is important to detect the attack as quickly as possible, get an overview of what is happening and then take the necessary measures,” says Lucas Van Den Berg, Senior Manager Europe Incident Response and Rescue Team. “It is often the case for companies that the report of suspicious activity is received in a timely manner, but if it occurs outside of working hours, it is not picked up until the next morning and the attack could have occurred throughout the night.”

The right actions, at the right time and with the right priorities

Lucas Van Den Berg, Senior Manager Europe Incident Response and Red Team

Many companies also make a mistake in the next step, namely understanding the context and taking the right measures. “This is usually the case when employees do not have sufficient knowledge of the company network and therefore do not know what to do,” continues Van Den Berg.

Maturity

When it comes to security in general, Serneels, who has more than 25 years of experience in the tech world, has seen advances in companies. “In the past, security was hidden as part of the broader IT event, but now you can see that security has really become a separate branch that also reports to the board,” says Serneels.

This is not yet reflected at the same level in different countries. Compared to the Netherlands, Belgium and Luxembourg are a little more conservative when it comes to cybersecurity, “but a lot of progress has been made,” says Serneels. The big changes caused by Covid, but also the current NIS2 and DORA story, present companies with new challenges when it comes to compliance with regulations. “In general, cybersecurity has become more important, which is also reflected in the companies themselves,” concludes Serneels.

Given these findings and a few more demos and testimonials from Trend Micro customers, it’s time for a refreshing drink. We return to the sun-drenched winter garden to take in the new insights into the cybersecurity landscape.

This is an editorial contribution in collaboration with Trend Micro. Here More information about the company’s security solution can be found here.