Over the course of December and into the New Year, my inbox fills up with predictions for what 2018 will bring cybersecurity.
At the end of 2016 we assessed a whole host of industry predictions and determined 12 topics that would dictate 2017: skills gap, ransomware, poor routine IT practices, political disruption, CIO activities, social media attacks, AI, advanced cyber-criminals, GDPR, a cloud vendor compromise and better security collaboration.
Most of that came true, although the predictions on ransomware came nowhere close to the impact that WannaCry and NotPetya would come to have. So with an inbox bursting with predictions for 2018, I triaged all of the comments into 11 themes. In no particular order, here are the first six:
Ransomware
It is no surprise that this features so highly after 2017's headlines. In terms of evolution, it was predicted that after the mass distribution we would see more targeted attempts, with Eric Klonowski, senior advanced threat research analyst at Webroot, predicting the first health-related ransomware targeting devices like pacemakers. “Instead of ransom to get your data back, it will be ransom to save your life.”
As well as being more targeted, predictions from Trend Micro were that attackers “will run digital extortion campaigns and use ransomware to threaten non-GDPR compliant companies”, while Imperva predicted that extortion-enabled disruption will intensify this year, “manifesting in disabled networks, internal network denials of service, and crashing email services”.
Breaches Get Worse
Instances of data loss at Uber, Equifax and other companies will not end in 2017, and Tyler Moffitt, senior threat research analyst at Webroot, predicted at least three separate breaches of at least 100 million accounts, while Imperva said that with the take-up of cloud computing, we’ll see massive cloud data breaches.
Viktors Engelbrehts, director of threat intelligence at eSentire, added: “Politically motivated and espionage cyber-attacks against the critical infrastructure industry will continue to increase. There is also the potential for loss of human life as a result of targeted cyber-attacks, especially in the healthcare sector.”
Data breaches are an unfortunate major part of cybersecurity now, and it’s hard to see a world where unsecure data is a factor. One cause for this is the new data protection regulation...
GDPR
That regulation is of course GDPR, which comes into force on May 25 2018. On the minds of most in cybersecurity, it was not a surprise that this featured so heavily in the vendor predictions we received. Colin Tankard, managing director of Digital Pathways, predicted that the shortage of staff will impact GDPR adoption, “especially in the rise of the Data Protection Officer” and that come May 25, only 10% of companies will be ready for GDPR and, by the end of the year, we will see the first companies closing due to having to meet the considerable fines.
To also combine two trends, both Trend Micro and FireEye believed that attackers will run digital extortion campaigns and use ransomware to threaten non-GDPR compliant companies “as attackers seek to capitalize on a potential fear of large fines.”
Biometric Adoption
The adoption of biometric technology has increased over time and with the introduction of fingerprint and now facial recognition authentication on mobile devices, will we see more adoption of this technology in the enterprise?
John Pescatore, director of emerging security trends at the SANS Institute, said that consumer advances will drive workplace change. “Large numbers of consumers now routinely use biometric authentication on their mobile phones and 28% of consumers are using two factor authentication on at least one personal account.”
Webroot’s Paul Barnes believed that there will be a continued growth in biometric services, and as a result devices with usernames and passwords will become the legacy choice for authentication. However, Klonowski from Webroot believed that we will see the first biometric-access-based exploits using facial recognition or fingerprint access.
Artificial Intelligence and Machine Learning
Intrinsically different, but often put on the same shelf, are the 'magic and witchcraft' of AI and machine learning.
There were two different perspectives on these technologies but there was no doubt that there will be a larger uptake: Splunk claimed that the spend on analytics technology will be higher as companies find new ways to make sense of the vast amounts of smart device-generated data. FireEye believed that the security industry will begin to see more automation, machine learning and artificial intelligence used to combat cyber-attacks because of a lack of people.
Patrick Hubbard from SolarWinds said that the integration of AI and machine learning capabilities is widely perceived as critical for business success in the coming years and although this technology is poised to offer breakthrough possibilities to business leaders, artificial intelligence also brings with it widespread uncertainty with respect to the impact on jobs.
However, these technologies were not roundly welcomed. Paul Shomo from Guidance Software/OpenText predicted the return to off-the-shelf SIEMs and detection technologies by the end of 2018, while Pescatore said that these technologies have “vastly overpromised as technology that will eliminate or drastically reduce the need for experienced and skilled cybersecurity staff.”
More Mobile Threats
A set of predictions would not be complete without some assumption on the device in your hand or in your pocket. Christopher Cain, associate malware removal engineer at Webroot, believed that we will see the first major malware infection in the Android App Store while Klonowski believed that we will see the first widespread worming mobile phone ransomware, perhaps spread by SMS/MMS.
In the second part of this article we will look at the other five trends, comments related to them and whether predictions really do ever come true.