Guest Written by the security experts from BeyondTrust; the CTO, Brad Hibbert, the VP Technology, Morey Haber, the Technology Fellow, Scott Carlson and Director of Security Architecture
It’s that time of year again when we look back at what has motivated the market for IT cybersecurity solutions in the last year in order to develop our plans for the next year. With so many public exploits, data breaches and allegations of election hacking, there’s certainly no shortage of material to leverage!
Part of the dark magic involved in this annual exercise is making predictions based on what we’ve seen and where we believe the market is headed. So once again this year, our crack team of cybersecurity experts has gathered to debate and formulate their list of 2018 cybersecurity predictions.
To make this blog easier to navigate, we’ve categorized our predictions into four categories: Methods for major hacks, breaches and exploits; The business of cybersecurity – focus and investments; Offensive and defensive strategies; and Five-year predictions.
Enjoy! (We certainly enjoyed writing it!)
Category: Methods for major hacks, breaches and exploits
Prediction #1 – The bigger they are, the harder they fall
If we thought the headlines about Equifax, the SEC, and the NSA were shocking, we will learn that large organizations have poor cybersecurity hygiene, are not meeting regulations, and are failing to enforce the policies they developed, recommend, and enforce on others. Next year’s news will have even more high-profile names, and the root causes will be as shocking as the OMB breach.
Prediction #2 – Increase in mobile phone spam
With there being more mobile phones in most countries than there are citizens in those countries, mobile phone spam will rise 10,000% due to automated spam and dialing ‘botnets’ that essentially render most phones unusable because they receive so many phone calls from unidentified numbers. This rise in phone spam pushes cellular carriers to start to require that end users adopt an “opt in” policy so only those in their contacts can call them.
Prediction #3 – Major healthcare breach releases direct medical history of celebrities
Here’s a salacious one for you. Direct attacks on celebrities will continue in order to “1 up” the competition with leaks of celebrity information. Healthcare records will be stolen that indicate celebrity plastic surgery, pregnancies, and full disease history, causing the total downfall of some and the rise of others.
Prediction #4 – Major increase in ‘gaming deleteware’ infections
‘Gaming deleteware’ infections across most major platforms will increase as botnets continuously attack gaming networks and devices such as Steam, Xbox, PlayStation, and Nintendo systems with the sole intention of rendering the machine inoperable. The malware is downloaded as an embedded game addon, causing millions of devices to need to be replaced.
Prediction #5 – The first major Apple iOS virus hits within a popular “free” game
As users click on the ‘ad’ to play a game for free, their iOS11 device will be compromised, leaking all data stored in the local Safari password storage vault.
Prediction #6 – Continued growth in the use of ransomware and cyber-extortion tools
2017 has proven that vulnerabilities nearly 20 years old are still being exploited in organizational networks (Verizon DBIR 2017), so the opportunity is too great and too easy for organized crime to ignore. Further, the commoditization of these tools on the deep web opens the door to anyone who feels the risk is worth the reward. This is likely to continue until organizations get the basics right and the risk/reward balance tips, making ransomware far less appealing.
Prediction #7 – More end-user targeting
Penetration through unpatched servers like in the case of Equifax will happen, but hackers will continue to target end users with more sophisticated phishing and targeted malware taking advantage of unpatched desktops where clients have far too many privileges. Again, don’t take your eyes off the end users.
Prediction #8 – Biometric hacking will take front and center
Attacks and research against biometric technology in Microsoft Hello, Surface Laptops, Samsung Galaxy Note, and Apple iPhone X will be the highest prize targets for researchers and hackers. The results will prove that these new technologies are just as susceptible to compromise as Touch ID sensors, passcodes, and passwords.
Prediction #9 – Cyber recycling
As we see a rise in the adoption of the latest and greatest devices, we will see devices, and now IoT, be cyber recycled. These devices, including mobile phones, won’t be destroyed, however. They will be wiped, refurbished, and resold within the US and overseas even though they are EOL (end of life). Look for geographic attacks against these devices to rise since they are out of maintenance.
Category: The business of cybersecurity – focus and investments
Prediction #10 – More money for security, but the basics still won’t be covered
Organizations will continue to increase spending on security and new solutions, but will struggle to keep up with basic security hygiene such as patching. Hackers will continue to penetrate environments leveraging known vulnerabilities where patches have existed for quite some time. Regardless of whether it is an employee mistake, lack of resources, or operational priorities, we are sure to see this theme highlighted on the next Verizon Breach report.
Prediction #11 – IAM and privilege management going hand-in-hand
IAM and privilege management adoption as a required security layer will continue. We will see more security vendors adding identity context to their product lines. Identity context in NAC and micro-segmentation technologies will increase as organizations invest in technologies to minimize breach impact.
Prediction #12 – Greater cloud security investments
Vendors will begin to invest more heavily in cloud security specific deployments for customers migrating to the cloud. Supporting Docker/containers, DevOps use cases, and enforcing secure cloud configurations are some initiatives that will be driven by customers.
Prediction #13 – Acceptance that “completely safe” is unobtainable
As 2018 progresses and more and more organizations accept that breaches are inevitable, there will be a shift toward containing the breach rather than trying to prevent it. This doesn’t mean abandoning the wall, but rather accepting that it isn’t perfect and can never be, and shifting appropriate focus toward limiting the impact of the breach. Organizations will refocus on the basics of cybersecurity best practices to enable them to build effective solutions that impede hackers without impacting legitimate users.
Prediction #14 – Chaos erupts as the GDPR grace period ends
As organizations enter 2018 and realize the size of the task to become GDPR compliant by 25th May 2018, there will be a lot of panic. This legislation seems poorly understood, which has led many organizations to table it for ‘later’, and many will wait until the first prosecution is underway before they react. The EU gave over 2 years after GDPR passed into law (27th April 2016) for organizations to become GDPR compliant, so there is likely to be little tolerance for non-compliant organizations which are breached after 25th May and, more than likely, some example setting. Those who completed their GDPR compliance ahead of the deadline will be right to feel smug as they watch their competitors flail.
Category: Offensive and defensive strategies
Prediction #15 – The United States launches a cyberattack against an enemy
Bombshell! Following announcements by current President Donald Trump to “Wait and See” how the U.S. would handle foreign enemies, the U.S. will launch a coordinated cyberattack on Iran and North Korea rather than sending in physical troops. This “act of war” will be launched preemptively as the first public internet attack from a first world nation, and will cause the near total destruction of internet resources in these countries.
Prediction #16 – Increased automation in cybersecurity response
The size of the cybersecurity threat continues to grow through 2018, with increasing numbers of attack vectors combined with increased incidence of attacks via each vector (driven by commoditization of attack tools) leading to massive increases in the volume of data being processed by cybersecurity teams. This demands improvement in the automation of responses in cybersecurity tools to do much of the heavy lifting, thereby freeing the cyber teams to focus both on the high-risk threats identified and on planning effectively for improvements in defenses. Increased use of machine learning technologies and, from that, more positive outcomes will lead to significant growth in this area.
Prediction #17 – Richer cybersecurity vision
As organizations’ needs for more comprehensive cybersecurity solutions grow, so will the need for effective integration between the vendors of those technologies. This will lead to more technology partnerships in the near term and eventually to industry standards for integration in the longer term. The ability for systems to work with relatively unstructured data will allow for more effective information interchange and, as a result, far richer and more rewarding views across our cyber landscapes.
Prediction #18 – It is now law
Governments will begin passing legislation around cybersecurity and the basic management for IoT devices required for safe and secure computing.
Category: 5 years from now
Time to have a bit of fun! Looking ahead five years, our Sorcerers of Security see some of these trends emerging:
- Online, secure elections. Fully online elections will be allowed as a new open source election software is fully certified by the IEEE Foundation – and adopted by every state.
- GDPR becomes untenable. Following the launch of GDPR, most European nations find that it is difficult to continue to do business with the rest of the world due to sharing limitations, leading to poor consumer experience and lack of good content on smart devices. A revolt by customers wanting better customer service reverses course on GDPR allowing default “opt in” for consumer behavior data.
- Wearable medical devices. These have improved to automatically inject vitamins and other medicines as soon as the smart wearable detects that you need them. As wearable technologies are now able to monitor sugar levels and blood levels, refillable cartridges can now inject any drugs with loadable cartridges so that patients no longer forget to take critical medicines.
- The end of cash. With some governments around the world mandating all transactions will be cashless in the next few decades, look for an increase in cybersecurity threats and innovative payment mechanisms as the world moves to a truly cashless society. In ten years, ATMs will be as sparse as public pay phones.
- BioHacking will be more than just in drugs and foods. Alterations to our lives and body chemistry will include technology, and hacks will come with the technology to alter our bodies beyond what the technology intended.
- Fake social media is the next guerilla marketing tactic. We have already seen the beginning of nation state hacktivism using social media and elections. This vehicle may have altered the U.S. election based on Facebook and Twitter paid campaigns. In the next five years, we will see this threat evolve from countries and nation states to any entities looking to hack and influence public opinion for marketing and crowdsourcing. If you say the same falsehood enough, and with enough fervor, it will become truth and businesses will learn how to hack and leverage this messaging for their own purposes. It will be a new form of guerilla marketing.