Just as the 1970s into the 1990s were a dangerous era for street crime, the coming decades may become similarly known for crime, but in a different venue, cyberspace. It was inevitable as so much of the nation’s — and the planet’s — business moved to the digital world. Perhaps one day a renowned cyber criminal will explain why he chose his specific target by invoking the words attributed to master bank robber, Willie Sutton, “That’s where the money is.”
Here’s our forecast for devices and systems as diverse as home appliances, the cloud and national security networks that are likely to become targets of criminals and international intrigue in 2019.
- Cyberwarfare escalation Without treaties and international cooperation frameworks, cyberwarfare will increase and become overt, leaving its “Cold War” character behind. Real geopolitical conflicts and ideological differences coupled with low barriers to entry, ample profit, immunity from prosecution, and fertile ground for recruitment will fuel the escalation. The result will be major disruptions, potential for massive economic impact, and loss of life.
- AI and Machine Learning will be used in cyber-attacks: Despite pronouncements by vendors that their AI and Machine Learning products are ready for prime time, the reality is that simpler, nimbler, and more targeted weaponized AI and ML systems are already in the hands of attackers, learning, being optimized, and actively deployed. Their use will increase, lending sophistication and scale to cyber-attacks, and making them even harder to defend.
- Major Cloud Breaches: Despite the obvious benefits of cloud computing (scalability, affordability, redundancy, etc.) the awareness that the cloud itself is a single point of failure will rise. Irrespective of the perceived and advertised security features, hackers will attack cloud infrastructures and breach them, resulting in massive data exfiltration and losses
- Exploited Internet of Things vulnerabilities will make the front page: The dramatic increase in Internet of Things devices will result in equally dramatic hacks against them. Medical devices, smart homes, smart cars, smart cities, and connected critical infrastructure will become targets of attacks, many of which will succeed in paralyzing those dependent the affected devices.
- Cryptomining malware will replace Extortion Malware as the internet’s greatest threat: Depending on market conditions, hackers will adjust and shift attacks from malware extortion schemes to hijacking computing power and using it in crypto mining of digital currencies, a.k.a. cryptojacking.
- Privacy Regulation impact will be expensive but not substantive: As well-meaning as they may be, reactive privacy regulations are expensive to implement and even more expensive to defend against violations. At the same time, their effect in protecting individual privacy is, at best, minimal. Essentially, the regulations are fortifying the barn after the horse has left it.
- Misinformation and Social Engineering Manipulation will increase: With the proven success of mass manipulation via social networks and manufactured “facts,” this practice will increase as well-funded and agenda-focused organizations recognize that they, too, can play this game. The art of propaganda will, therefore, find new fertile ground in social networks and associated technologies, further blurring the line between fact and fiction, and creating an environment of public mistrust, confusion, and chaos.
- Increased cybersecurity awareness will result in more spend with less results: As cybersecurity awareness becomes a boardroom issue, related spending will increase, but without hoped-for results. Although creating, maintaining, and fostering a cybersecurity-aware culture is critical to both corporate and individual survival, the absence of experienced and engaged leadership and actionable advice, will lead many astray and into the hands of snake-oil salesmen promising unrealistic results.
- Breach and Privacy fatigue: Yet another breach, another naked picture of a celebrity; meanwhile the rest of us go about our lives. As they become more frequent these cracks in confidentiality will become the “new normal,” translating to brand-immunity from scandal, reduced exposure and, potentially, less attention to privacy regulations.
- Blockchain hacks will increase: The trend of blockchain compromises will increase and so will the awareness that the “blockchain promise” infallibility doesn’t hold up. This will slow adoption and deployment of public blockchains in favor of the more “controlled” private (institutionally controlled) blockchain systems. Cryptocurrencies will also be hit since their value depends on the belief in the safety of these electronic wallets.