Future of Offensive Cyber Security

CyberDucky
Jul 22, 2023

Here are four topics that are the future of offensive cyber security.

https://www.youtube.com/watch?v=oaPFNCAZLNs

Artificial Intelligence

Artificial Intelligence is at the top of my list because I believe it is the most prevalent nowadays. The field of artificial intelligence is massive and a lot of it is still based on research and finding the best models for different applications.

In the world of cyber security, it is currently being used for face and voice recognition in biometrics, multi-factor authentication, pentesting, and in other realms like credit card fraud prevention systems. I am more interested in the offensive side of cyber, so I have explored this more in depth.

Pentesting involves a lot of time spent trying to find bugs, known exploits, or points of entry to start breaking things. AI helps reduce this time through something called reinforcement learning.

Take Deep Exploit, for example. The program's model learns which premade attacks to use when certain information is available during the reconnaissance phase of an attack. Once trained, the model can take any kind of open source intelligence, try the known exploits that work, and accurately exploit its way to where it needs to get to.

Another example of AI in offensive security is creating a fake persona and giving them kids, a wife, grandparents, a dog and a whole life. There is no way of verifying if this is a real person nowadays. Companies are starting to roll out verification check marks, but no one in their right mind would pay monthly fees for those.

Automation

Automation is at the heart of cyber security currently. Many companies use it to save time and money: more automation, fewer workers needed. Another way of looking at it, from an offensive point of view, is that more automation means more time to spend on the important points of the attack surface.

Most cybersecurity tools are automated, and if they are not, they can easily be automated with Bash scripts or Python. Programs like Nmap are used to do reconnaissance of a target network. Arguably, the most important part of an attack is the reconnaissance phase. The more you know about the target, the more likely you are to find something that wasn’t configured right, is outdated, or is a new bug (zero-day).

Big Data for OSINT

Big data for open source intelligence is being used and will be used to determine specific details about an attack surface or target. Like I said above with reconnaissance, the more you know, the more you are able to break things. With terabytes of data about your target flowing into a pipeline and dashboard, you can determine things like device versions, locations, people who currently work at the company, previous employees, disgruntled employees, secrets posted on GitHub, etc. The list goes on. You get the idea.

A program I am currently looking into is OpenCTI; it does what I just explained. It needs modifications, of course, for what you want specifically, but it is a great start. A lot of people do not appreciate the time others took to test, develop and design these programs. You should take advantage of open source projects.

Quantum Computers

Quantum computers are currently not being used widely because they are very inefficient. I give it about 10–15 years before a personal quantum computer gets delivered to your door.

Currently, the only advantage a quantum computer has over a classical computer is the lowered time and space complexity that it provides, meaning that a quantum computer is much faster at computing and solving problems than a classical computer. In terms of offensive security, this could be the death of AES encryption as we know it. Being able to brute-force billions of values in hours is what will break these “very” strong algorithms that we have today.

I can also see these computers being used to run pentests at insane rates, processing big data in seconds and ultimately breaking any program with fuzzing.

References:

https://nmap.org/

https://www.ibm.com/topics/quantum-computing

https://github.com/OpenCTI-Platform/opencti

https://github.com/13o-bbr-bbq/machine_learning_security/blob/master/DeepExploit/README.md
