2017 has been an eventful year when it comes to cybersecurity. Most notably, there were major data breaches (Equifax) and world-wide ransomware attacks (WannaCry and NotPetya). Ransomware has been a prominent threat for a couple of years now, and while it seems to be shifting targets, it still remains one of the leading cybersecurity risks. Data breaches also seem to be a regular occurrence, and that will likely not change.
It is doubtful 2018 will be a quiet year; tendencies from 2017 will likely continue into the new year. However, we will also see new ones. Below you will find our top 4 cybersecurity trends for 2018.
Increase in attacks on critical infrastructure
There is a worrying trend of attacks on critical infrastructure. Back in 2016, parts of Ukraine’s capital Kiev lost power in what turned out to be a cyber attack. The attack did significant damage to power systems and left many people without electricity. And just last week, cybersecurity company FireEye reported that a critical infrastructure facility suffered a cyber attack in which safety systems were penetrated. The victim was not identified in the report, and FireEye believes that hackers working for a nation were responsible. We are likely going to see similar attacks in 2018 as well.
Attacks on critical infrastructure do not just include power plants. Public health, transportation, agriculture, financial and water supply services might also become targets. And while security experts have been warning about these kinds of attacks for years, now that we have real examples of how they might be carried out, critical infrastructure organizations will need to take security more seriously and employ prevention measures.
Ransomware shift in targets
There is no doubt ransomware is a profitable business: it is speculated that cyber criminals made around $1 billion in 2016. By comparison, hackers made only $24 million in 2015. This year, however, it is speculated that ransomware creators made $2 billion, double the amount made in 2016. With such huge sums of money circulating in the industry, it is evident that ransomware will only grow in 2018.
However, in the upcoming year, we might see a shift in targets. Hackers are becoming aware that businesses and organizations are where the money is. Regular individual users are asked to pay between $300 and $500 on average, and unless the infection spans tens or hundreds of thousands of computers, it will not make that much of a profit. However, businesses and organizations are a different matter. For example, a South Korean web provider was forced to pay $1 million when a ransomware infection locked up more than 3 thousand websites.
Smaller businesses may become likely targets, some speculate. In comparison to huge corporations, smaller businesses tend to have more relaxed security, and losing important data could have disastrous consequences for them, so they are likely to pay the ransom. That does not mean bigger companies are not in danger, however. Nevertheless, with ransomware gaining traction each year, potential targets are becoming increasingly aware of the danger. In 2018, targets in the high-risk zone will likely strengthen their security and have better protocols on how to handle attacks. That means creating regular backups, educating employees about cybersecurity, employing specialists and creating a protocol to handle attacks as gracefully as possible.
We might also see ransomware technologies used for different purposes. It is still debated whether the two most well-known ransomware attacks in 2017 were actually money-oriented, and not state-sponsored wiper malware aiming to cause as much havoc as possible. Due to ransomware-as-a-service, these technologies are available to anyone with enough money, so these kinds of attacks might become common practice.
Users will continue to endanger their privacy
Users are notoriously ignorant when it comes to their own privacy. While there are those who take it seriously, the sad reality is that the majority of people are not that concerned with the amount of information about themselves they give away. And if users are not concerned, data collecting parties are not either. Just like in 2017 and the years before that, in 2018, there will be little user awareness about data collection. Users will continue using free programs without reading the privacy policies, and install questionable smartphone apps without wondering why they need permission to read the entire device.
Most users are very cautious with their real life privacy, so if a random person approached and asked to read their text messages, they would be more than a little uncomfortable. They might think that the digital data gathered is not important, but unfortunately, someone could get a very clear picture of you just from collected data alone. And the thought that your information is sold and traded all over the place should make you more nervous.
However, there is good news. Some companies are working towards giving users more control over their privacy. Google, for example, is rolling out a feature that will warn users when a smartphone app is collecting information stored on the device without authorization. Whether users pay any mind to the warning is up to them, however.
In addition, on 25 May 2018, Europe’s General Data Protection Regulation (GDPR) will go into effect. It aims to give control over personal data back to the users, and should make data gathering more transparent. Users will need to give explicit consent to have their data collected and will be provided with clear information about where that data will be used. However, while these regulations should improve data security, people still need to play their parts and be more aware.
Machine learning used to both defend and attack
Machine learning will be successfully applied in cybersecurity, making it possible to identify vulnerabilities, fix flaws, perform large-scale operations and protect against attacks. However, with machine learning and its application becoming a widely discussed topic, cyber criminals are also gaining interest. In 2018, we will likely see the two sides using machine learning in an arms race. Adversaries will likely use machine learning to support their attacks, making it that much more difficult for cybersecurity experts to predict and deal with them. After all, just as cybersecurity experts will be able to detect and patch flaws much faster, adversaries will be just as quick to identify and use them.