Cybersecurity trends seem to be changing at an incredible rate. That poses new opportunities for criminals and new challenges for the professionals charged with securing our systems. High profile attacks not only undermine trust in huge organizations, they also highlight a glaring gap in how we manage cybersecurity in a rapidly changing world. It also highlighted that attackers are adaptive and incredibly intelligent, evolving their techniques to adapt to new technologies and new behaviors.
The big question is what the future will bring. What cybersecurity trends will impact the way cybersecurity experts work – and the way cybercriminals attack – for the rest of 2018 and beyond.
Let’s explore some of the top cyber security trends and predictions of 2018:
Artificial Intelligence and machine learning based cyber attacks and defenses
AI and ML have started impacting major industries in various ways, but one of the most exciting applications is in cybersecurity. Basically, Artificial Intelligence and Machine Learning algorithms can learn from past events in order to help predict and identify vulnerabilities within a software system. They can also be used to detect anomalies in behavior within a network. A report from Webroot claims that more than 90% of cybersecurity professionals use AI to improve their security skills.
However, while AI and machine learning can help security professionals, it is also being used by cybercriminals too. It seems obvious: if cyber security pros can use AI to identify vulnerabilities, so can people that seek to exploit them. Expect this back and forth to continue throughout 2018 and beyond.
Ransomware is spreading like fire
Storing data on the cloud has many benefits, but it can be an easy target for cyber criminals. Ransomware is one such technique – criminals target a certain area of data and hold it to ransom. It’s already a high profile cyber security concern. Just look at WannaCry, Petya, Meltdown, and Spectre, some of the biggest cyber security attacks in 2017.
The bigger players (Google, AWS, and Azure) of the cloud market are trying to make it difficult for attackers, but smaller cloud service providers end up paying customers for data breaches. The only way these attacks can be reduced is by performing regular back-ups, updating security patches, and strengthening real-time defenses.
Complying with GDPR
GDPR (General Data Protection) is an EU regulation that tightens up data protection and privacy for individuals within the European Union. The ruling includes mandatory rules that all companies will have to follow when processing and storing personal data. From 25 May, 2018, General Data Protection (GDPR) will come into effect where important changes will be implemented to the current data protection directive. To mention a few it will include increased territorial scope,stricter consent laws, elevated rights and more. According to Forrester report 80% companies will fail to comply with GDPR out of which 50% would choose not to, considering the cost of compliance. Penalties for non-compliance would reach upto €20m or 4% of worldwide annual turnover, whichever is greater.
The rise of Cyberwar
Taking current cybersecurity scenario into consideration, there are high possibilities 2018 will be the year of international conflict in cyberspace. This may include cyber crimes on government and financial systems or their infrastructure and utilities. Chances are cyber-terrorism groups will target sensitive areas like banks, press, government, law-enforcement and more similar areas.
The Ashley Madison attack – which involved attackers threatening to release personal information about users if the site was not shut down – shows that ideological motivated attacks are often very targeted and sophisticated with the goal of data theft and extortion. The attack on Ashley Madison is testament to the fact that companies need to be doing more as attackers become more motivated.
You should not be surprised to see cyber-attacks going beyond financial benefits. The coming year can witness cyber crimes which are politically motivated that is designed to acquire intelligence to benefit a particular political entity. These methods can also be used to target electronic voting system in order to control public opinion. These kind of sophisticated attacks are usually well-funded and lead to public chaos. Governments will need to take extensive checks to ensure their network and ecosystem is well protected. Such instances might lead to loss of right to remain anonymous on the web. Like everything else, this move will also have two sides of the coin.
Attacking cyber currencies and blockchain systems
Since Bitcoin and Blockchain were booming in the year 2017, it becomes a crucial target area for hackers. Chances are attackers may target smaller blockchain systems who opt for weaker cryptographic algorithms to increase performance. On the other hand, the possibility of cryptographic attack against Bitcoin can be minimum. The major worry here would about attacking a block with minimum security practices, but eventually that block could lead to larger blockchain system.
One of the major advantage for attackers here is they don’t really need to know who the opposite partner is, as only a verified participant is authorised to execute the trade. Here, trust or risk plays an important part and that is blockchain’s sweet spot.
For example: Receiving payments in government issued currencies have higher possibilities of getting caught but there is a higher probability of succeeding in cryptocurrency payments.
Well, this may be the end of this article but is not an end to the way things might turn out to be in 2018. We still stand midway through another year and the war of cyberthreats rages.
Don’t be surprised to hear something different or new as malicious hackers keep trying newer techniques and methodologies to destroy a system.