The Future Today Institute, an organization that provides forecasts about how emerging technology will disrupt business and transform the workforce, has once again looked into its crystal ball—and cyber security executives might not be thrilled with the predictions.
In its 2018 Tech Trends Report, the institute said organizations and individuals can expect to see more sophisticated data breaches, advanced hacker tactics, and targeted ransomware against devices in offices and homes.
Here are some of the key security-related prognostications:
- The historical tension between security and privacy domains will unleash new challenges this year, report said. Individuals are providing more data each day, and as more connected devices enter the marketplace the volume of available data will continue to rise. But the companies making devices and managing consumer data are not planning for future scenarios, and off-the-shelf compliance checklists will not be sufficient. Managers will need to develop and constantly update their security policies and make the details transparent. Today, most organizations aren’t devoting enough budget to securing their data and devices, the report said.
- Distributed denial of service attacks (DDoS) will increase. In the past few years the number of DDoS attacks have spiked, the report said. The U.S. was hit with 122 million DDoS attacks between April and June 2017 alone. One of the more notable DDoS incidents was a massive attack that shut down many leading Internet cites, caused by the Mirai botnet and infecting Dyn, a company that controls a large portion of the Internet domain name system infrastructure. Cyber criminals are leveraging more sophisticated tools, and that means future attacks will be larger in scope and could have greater impact.
- Ransomware will continue to be a threat with the growth of cryptocurrencies. There was a spread of ransomware attacks, including WannaCry, Petya, and NotPetya, during 2017. In England, WannaCry shut down systems in dozens of medical centers, which resulted in hospitals diverting ambulances and 20,000 cancelled appointments. Because cash and online bank transfers are easy to track, the currency of choice for ransomware attacks is bitcoin, which moves through an encrypted system and can’t be traced. The rise of blockchain and cryptocurrencies have transformed ransomware into a lucrative business, according to the report. Just backing up data will probably not be enough of a measure against these attacks.
- Russia will remain a big source of hacker attacks. The country is home to the world’s most gifted and prolific hackers, who are motivated both by a lack of economic opportunity and weak law enforcement, according to the report. In the past two years it has become clear that Russia’s military and government intelligence agencies are eager to put home-grown hackers to work, infiltrating the Democratic National Committee, Olympic organizations and European election commissions, it said.
- Zero-day exploits will be on the rise. These attacks are dangerous, and finding vulnerabilities is a favorite activity of malicious hackers, the report noted. A number of zero-day exploits have been lying dormant for years—and two emerged late in 2017. A flaw found on chips made by Intel and ARM led to the realization that virtually every Intel processor shipped since 1995 was vulnerable to two new attacks called Spectre and Meltdown.
- There will be more targeted attacks on digital assistants. Now that digital assistants such as Alexa, Siri, and Cortana have moved from the fringe to the mainstream, expect to see targeted attacks, the report said. Whether they target the assistants or their hardware (Amazon Echo, Apple HomePod, Google Home), it’s clear that the next frontier in hacking are these platforms.
- In the wake of several hacking attacks during elections around the world, several government agencies are now making public their plans to hack offensively, according to the report. The U.K.’s National Health Service has started hiring white hat hackers to safeguard it against a ransomware attack such as WannaCry, which took the nation’s health care system offline. Singapore’s Ministry of Defense is hiring white hat hackers and security experts to look for critical vulnerabilities in its government and infrastructure systems. And in the U.S., two agencies responsible for cyberwarfare—the U.S. Cyber Command and the National Security Agency—are looking to leverage artificial intelligence (AI) as a focus for the U.S. cyber strategy.
- Also thanks to advancements in AI, one of the big trends in security is automated hacking—software designed to out-hack human hackers. The report said the Pentagon’s research agency DARPA launched a Cyber Grand Challenge project in 2016, with a mission to design computer systems capable of beating hackers at their own game. The agency wanted to show that smarter automated systems can reduce the response time—and develop fixes in system flaws—to just a few seconds. Spotting and fixing critical vulnerabilities is a process that can take human hackers months or even years to complete, the report said.