Type “automated hacking tools” into Google and you will be presented with a stream of sites where you can instantly access an array of automated tools. These come complete with blog posts and easy to understand articles in the style of Buzz Feed's “Top 10” series, offering advice on the best kits currently available and how to use them.
This is, however, just the tip of the iceberg. Venture onto the dark web (if you know how) and you'll find yourself winding through the digital underworld of cyber-space's most notorious black market. Here, hackers peddle automated distributed denial of service (DDoS) ‘Stressor' tools which bombard networks with data until they crash, dictionary attack tools that pump email addresses and password combinations into website logins until a correct entry is achieved and even “worms” that can autonomously jump between and ‘infect' different Internet of Things (IoT) devices.
To put the effect of these types of tools in perspective, you only need look at the global cyber-attack that recently struck organisations including the NHS and the telecoms company Telifonica. The ransomware payloads used in the attack were delivered en masse by an automated delivery tool known as “eternal blue”, which allowed the malware to spread through file-sharing protocols set up across the internal networks of organisations.
With access to this kind of ready-made and automated digital weaponry, cyber-criminals with only a rudimentary skill set have been able to carry out multiple cyber-attacks with a degree of sophistication that was once the sole preserve of expert hackers. As readily available, automated hacking tools allow amateurs to carry out sophisticated attacks, it has not only dramatically increased the number of attacks but also widened the network of online criminals.
At the same, the pool of human talent needed to shore up defences and patch cyber-security vulnerabilities is running low. Following the largest ever survey of the global cyber-security workforce, it was found that there is expected to be a shortfall of 1.8 million cyber-security workers by 2022. This incredible deficit paints a sobering picture of the cyber-security manpower shortage and comes at a time when the frequency and sophistication of cyber-attacks is growing constantly thanks to the proliferation of automated hacking.
The nation-state threat
The anonymity provided by the web makes it extremely difficult to prove whether a cyber-attack comes from individual hackers or state intelligence. As a result, a “cyber cold war” has effectively ensued with nation-states operating via networks of puppet actors.
With the increasing availability of autonomous hacking tools, this network is growing as state-sponsored actors swell their ranks with amateur hackers who only need to know how to operate the weapons, not create them.
Research has shown that these nation-state hacking teams are employing automated custom-made and even open-source software as a means of carrying out “early-stage” surveillance and seeking vulnerabilities in future targets efficiently and at low cost. A clear warning came from Admiral Michael Rogers, US Cyber Command chief and director of the National Security Agency in a rare public statement where he revealed he watches for “nation states using surrogates as a way to overcome our capabilities in attribution.”
The military response
At the forefront of the fight back, leading defence agencies and military forces such as NATO and the US Department of Defence have turned to pioneering “intelligent” software to ensure their networks and computer systems are fortified against the most viscous cyber-attacks state actors can throw at them.
Fighting fire with fire, these organisations are now increasingly deploying automated cyber-defence technologies that can analyse vast and complex stretches of cyber-infrastructure for any underlying vulnerabilities that could potentially be exploited by hackers. Such technology can autonomously scour the “blueprint” of a network inside everything from a military airbase in Europe to laptops in Afghanistan, finding structural vulnerabilities and producing detailed reports on how to fix them.
With cyber-security skills in short supply, fielding units of human auditors to constantly reinforce defences bogs down much need resources in time-consuming but essential security work. Using machines to conduct rapid and detailed audits has allowed militaries to re-allocate their cyber-fighters from digging trenches on the frontline to conducting high-level strategic work and planning cyber-offensive operations in the command centre.
From the bunker to the boardroom
Private businesses and government organisations can learn from the war in cyber-space that has spilled over into civilian territory with state-manufactured automated attack tools being used to target government institutions, industrial facilities and corporate businesses.
As the automation of hacking enables advanced cyber-attack skills to percolate down to a wider array of hackers, public and private organisations must embrace automated defences that can match the efficiency and sophistication of human cyber-security experts. With the current digital skills drought there are no longer enough cyber-security professionals to carry out the necessary security audits that organisations need to ensure they are fully armoured against an attack.
Intelligent automated systems can now replicate the work of high-level security professionals, analysing networks, systems and devices with the speed and effectiveness of expert security teams. This technology is putting the defenders on a level playing field with the increasingly automated attackers and can enable organisations to compete with the next generation of cyber-attacks.
Contributed by Nicola Whiting, chief operating officer, Titania
*Note: The views expressed in this blog are those of the author and do not necessarily reflect the views of SC Media or Haymarket Media.