Rising tide of malware
Looking over the last couple of years, attacks have been gaining pace and targeting us in new ways. It used to be that malware would steal your bank details to get cash from people, but now it’s content to encrypt all of your data and ransom you for that cash. There will continue to be a tremendous amount of ransomware moving forward as exploits emerge, as this is the vector these attacks rely on.
Over the next year there’ll be a rise in the amount of ransomware attacks that result in data being destroyed, sometimes simply for the hell of it. Taken directly from Michael Caine’s Alfred in the Batman films, ‘some men just want to watch the world burn’.
There is a clear shift away from purely money-based motivation and a raft of political and ideological ideas are now coming into play with cyber attacks. And many of these represent a rise in nihilism that we haven’t previously seen.
Politicisation and the role of government
Critical blue and Petya/NotPetya were signs that there is going to be an increasingly prevalent role played by governments in cyber security in the next year; both through their own activity and through the use of their exploits that are released into the wild by criminals.
Over the last few weeks, it’s been interesting to follow the Mueller case against Trump, with the first indictments showing a pretty clear Russian involvement in the US election, developing a new playbook for affecting international concerns – to great success. As a result, governments are going to provide further leaks of weaponised exploits that will be seized on by others.
Dissemination of data and doxxware
Last month, a plastic surgery clinic to the stars in London had its data taken by attackers. But rather than hold onto the information in exchange for payment, the threat was that it would be shared publicly if the ransom was not paid.
>See also: Using AI intelligently in cyber security
There will be more of these highly-crafted spear-phishing attacks in the coming year, as attackers look to gain entry to highly sensitive data and threaten to release this to the world. With the dark web and major file-sharing sites easily available, the tools for this spreading of data are only too easy to get hold of.
Targeting of physical infrastructure
We’ve seen the targeting of infrastructure through programmes such as Stuxnet being developed for specific facilities. If you then imagine that this same technique is aimed at power grids or the water supply, then it’s clear to see that the potential problems could be vast, especially in countries with less-robust infrastructure. WannaCry was a clear example of this. In 2018, we can expect this line between cybercrime and physical repercussions to grow thinner still.
In the security domain, we’ll start to see trickle-down effects in terms of artificial intelligence as we move forward. If you think about the hierarchy of those working in AI, you’ve got DeepMind at the very top, along with Google and other major companies.
They are all doing some seriously exciting, specialised intelligence work that is pushing the boundaries of what is possible through these systems. As these companies continue to innovate, the security industry will begin to use their more advanced techniques and systems to the benefit of our own products.
Skills gap in AI
As we move forward, it seems that AI will also be used specifically to try and combat the skills gap in cyber security. It’s well established that there simply aren’t enough people with the requisite skills within the industry, so it’s up to vendors and their partners to supply these services or make their products as easy to use as possible, to minimise the technical skill needed to run them. There will be a real move towards AI being made as simple and useful as possible for teams to use while the industry looks to address the skill gap.
The misuse of AI bots
The use of AI bots placing more targeted phishing adverts and emails is already here, analysing large amounts of social media information to profile their targets.
Online chat bots are also being seen more and more in use for customer service – therefore positioning them as a system that people trust. Attackers will look to use this trust and build chatbots to try and obtain bank details from people – so expect a rise in the amount of malicious chatbots found on the internet.
The amount of internet-enabled and connected devices, BYOD policies within the workplace and new products such as the Amazon Key is only going to provide further attack vectors. As these become more commonplace, expect to see a greater amount of insider threats emanating from targeted devices, rather than simply through people.
Sourced by Dr. Jamie Graves, CEO & founder, ZoneFox