A Gen V attack, also known as a 5th generation cyberattack, is a large scale, multi-vector attack vetor that is designed to infect multiple components of an information technology infrastructure, including networks, virtual machines, cloud instances and endpoint devices. 5th generation attacks can be extremely dangerous because they can spread quickly and outmaneuver conventional detection-based defenses such as firewalls. Gen V attacks are a part of the natural evolution of threats as changing defenses force attackers to hone their craft. NotPetya and WannaCry are two early examples of Gen V attacks.
Gen V attacks are typically charactered by their ability to cause very large data breaches and destruction of service (DeOS). Check Point Software Technologies uses the term "generations" to divide the evolution of information security into different segments characterized by date, attack vector and malicious payload. The first generation of cyberattacks in the late 1980s consisted of viruses carried on floppy discs that would need to be inserted into computers. During the second generation, which came about in the early 90s, attacks were launched over the internet instead of through floppy disks. During the third generation, which took place in the early 2000s, cyber-attackers evolved again to exploit vulnerabilities in software applications that relied on internet access. And in roughly 2010, cyber-attackers continued this evolution by developing 4th generation polymorphic malware that could take a different form in different attacks.
To be effective, Gen V cybersecurity must be built to decrease attack surfaces and provide real-time threat prevention. Because Gen V cyber-attacks can happen faster than conventional security systems can deal with, the focus for dealing with this type of cybersecurity problem should be on preventing attacks by correlating, storing and analyzing data across all network devices in real time. Strategies include the use of next-generation firewalls (NGFWs) with advanced functions including application awareness and the ability to use external threat intelligence feeds that provide security engineers with a live data stream related to potential or current threats. Other strategies include the use of microsegmentation and intelligent application delivery controls.