Winston Churchill once said, “If you’re going through hell, keep going.” And, “Never, never, never give up.”
As we look back at top cyber stories and security trends in 2017, these wise words from fearless leaders who have gone before us certainly apply to cybersecurity and the new 21st-century challenges confronting our world in 2018.
What’s HOT and Likely Getting HOTTER in 2018?
Last year we started with, “You ain’t seen nothing yet!”
Hold on! 2018 will be even worse online, if these global security experts are correct.
No doubt, more sophisticated hacker tricks, phishing attempts and data breaches are coming.
What are the most common security predictions for next year? New forms of malware, more expensive ransoms as more ransomware hits more organizations, Internet of Things (IoT) device problems at home, AI and machine learning gone astray (as a cyberweapon), cryptocurrency problems, cloud computing breaches and plenty more of everything we already saw in 2017.
Almost everyone is talking about the huge impact of GDPR in 2018. Some think the fines will wait until after lawsuits are filed, but most see a major shake-up coming for companies’ policies and procedures as a result of the new European privacy rules.
Other common cyberpredictions include increased scope and impact from DDoS attacks; a growing number of cybercriminals (and crimes); continued shortages of qualified security professionals, with new attempts to deal with the staffing problems; popular (and easy-to-use) home devices (such as Amazon Echo) getting hacked in new ways; and much more nation-state hacking.
In addition, election hacks, hacktivism and business email compromise (CEO fraud) show up on many lists as likely items that will expand in the coming year.
Why Take the Time to Understand Cybersecurity Industry Predictions?
There’s no doubt that security predictions are exploding and cover a very wide range of technology, physical security and Internet of Things (IoT) topics around the world. The breadth and depth of industry involvement in this cyber forecasting process even exceeds previous years, which is truly remarkable and shows the dramatic growth of the security industry as a whole.
So why take the time to go through these lists? I addressed this topic in detail back in 2016 for CSO Magazine in this piece: Why more security predictions and how can you benefit? I started by saying that Americans love baseball, hot dogs, apple pie and predictions. I also predicted that more security predictions would be coming — and I certainly nailed that cybersecurity trend.
But beyond just a fun end-of-the-year exercise, there is immense value for individuals and companies as they plan their future strategies. Here’s an excerpt of a few of the benefits to understanding what experts think may be coming soon:
- Gain industry knowledge, understand overall trends and expand your horizons beyond one stovepipe or topic. Security predictions help you understand industry trends and help you grow in your knowledge — if you do your homework and read the supporting research that usually comes from major vendors. Remember that the actual date the event happens is less important than trends, patterns and even repetition of an item. …
- Use the free advice, direction, insights and annual reports provided by many to respond to the expected cyberthreats.
- Use predictions as an opportunity to educate others. Get the word out on cybersecurity — whether that is to your company, your family or your community group. Are you bringing problems or solutions? We claim we want to educate end users on cybersecurity, so educate!
No doubt, there are some leftover (very similar) predictions from the past few years. There is also the annual chorus of: “Will this be the year for a Cyber Pearl Harbor or a Cyber 9/11 that brings down critical infrastructure for a section of the country?”
To get a full sense of the breadth and depth of security industry prediction lists and forecasts, I recommend going back in time and reviewing some of the previous security prediction roundups from 2015, 2016 and 2017 to help keep score on prognosticators. Our analysis process has not changed much in the many years since we started, and all decisions are made independent of company or magazine influence.
For more details on these security trends and 2018 prediction lists, I encourage you to click on the hyperlinked report and/or visit the specific website and download the full white papers. Many of these predictions have longer explanations as to why this will happen (with more data to share). Be aware that some vendors may require you to register (often for free) to get their full prediction report.
So now we're ready to move on to the best (most complete) security prediction list for 2018, ranked from 1-18 using my vendor-agnostic rating system, along with honorable mention and late-arriving prediction lists.
Detailed Prediction Reports by Source
1) Trend Micro takes the top prize for again having an impressive, well-rounded set of predictions. The Trend Micro theme is “Are You Ready for Paradigm Shifts,” and here are their top predictions:
- In 2018, digital extortion will be at the core of most cybercriminals’ business model and will propel them into other schemes that will get their hands on potentially hefty payouts.
- The ransomware business model will still be a cybercrime mainstay in 2018, while other forms of digital extortion will gain more ground.
- Cybercriminals will explore new ways to abuse IoT devices for their own gain.
- Global losses from Business Email Compromise scams will exceed US$9 billion in 2018.
- Cyberpropaganda campaigns will be refined using tried-and-tested techniques from past spam campaigns.
- Threat actors will ride on machine learning and blockchain technologies to expand their evasion techniques.
- Many companies will take definitive actions on the General Data Protection Regulation (GDPR) only when the first high-profile lawsuit is filed.
- Enterprise applications and platforms will be at risk of manipulation and vulnerabilities.
2) Symantec had another outstanding set of predictions for 2018 on a wide range of topics:
- Blockchain Will Find Uses Outside Of Cryptocurrencies But Cyber Criminals Will Focus On Coins and Exchanges
- Cyber Criminals Will Use Artificial Intelligence (AI) & Machine Learning (ML) to Conduct Attacks
- Supply Chain Attacks Will Become Mainstream
- File-less and File-light Malware Will Explode
- Organizations Will Still Struggle With Security-as-a-Service (SaaS) Security
- Organizations Will Still Struggle With Infrastructure-as-a-Service (IaaS) Security — More Breaches Due to Error, Compromise & Design
- Financial Trojans Will Still Account for More Losses Than Ransomware
- Expensive Home Devices Will Be Held to Ransom
- IoT Devices Will Be Hijacked and Used in DDoS Attacks
- IoT Devices Will Provide Persistent Access to Home Networks
- Cryptocurrency Crash
- Wi-Fi Hacking
- Increased Adoption of Corporate Cyber Insurance
- IoT Botnets Force New Regulations
- Linux Attacks Will Double
- Multi-factor Authentication
- Hack Election Machines
- McAfee Labs predicts an adversarial machine learning “arms race” between attackers and defenders
- Ransomware to evolve from traditional PC extortion to IoT, high net-worth users, and corporate disruption
- Serverless Apps to create attack opportunities targeting privileges, app dependencies, and data transfers
- Connected home devices to surrender consumer privacy to corporate marketers
- Consumer apps collection of children’s content to pose long-term reputation risk
Nevertheless, this interview with FireEye executive leadership, including their CEO Kevin Mandia, is eye-opening regarding 2018 predictions:
In the Indo-Pacific region, FireEye said, China and neighboring countries are still continuing political disputes, especially with India, South Korea, Japan, the Philippines, Vietnam and other South-east Asian countries.
"Therefore, unorganized 'hacktivism' attacks as a response to these political tensions within and against these countries is expected to continue and possibly rise throughout the new year," the company warned.
According to FireEye, it observed an increase in non-Chinese and non-Russian APT groups in 2017 and expects to discover more in 2018. Ransomware is expected to rise in 2018, especially as administrators are slow to patch and update their systems.
Other popular techniques that will continue to be used in 2018 are strategic web compromises and spear phishing, especially in targeted attacks. We also expect to see many more destructive worms and wipers, the cyber security firm noted.
6) Kaspersky — Offers detailed cyberthreat forecasts in each major sector. For example, their financial predictions include:
- Cryptocurrency — in vogue in the cybercriminal world
- Speed increases danger
- Fraud as a service
- Other Kaspersky predictions about auto, connected health, industrial security and cryptocurrencies can be found at this excellent SlideShare.
8) Forcepoint — Offers eight different areas of concern for the year ahead and five predictions for 2018.
- An increasing amount of malware will become MitM [Man in the Middle]-aware.
- IoT is not held to ransom but instead becomes a target for mass disruption.
- Attackers will target vulnerabilities in systems which implement blockchain technology.
- A data aggregator will be successfully breached in 2018 using multiple attack methods.
- Massive Cloud Data Breach
- Cryptocurrency Mining
- Malicious Use of AI/Deception of AI Systems
- Cyber Extortion Targets Business Disruption
- Breach by Insiders
- Governments will no longer be the sole providers of reliable, verified identities
- More IoT attacks will be motivated by financial gain than chaos
- Cybercriminals will use ransomware to shut down point of sale systems
- Cybercriminals will attempt to undermine the integrity of US 2018 midterm elections
- Blockchain will overtake AI in VC funding and security vendor road maps
- Firms too aggressively hunting insider threats will face lawsuits and GDPR fines
- Backups will not prove enough to stop ransomware as hackers find ways to subvert this strategy.
- Consumer fightback — 2018 will see a major backlash (maybe class action lawsuits) from consumers, requiring more regulations around data protection especially in the U.S.
- An increase in nation state cybersecurity breach activity as “cold war” like activity continues to escalate. Where countries and organizations (e.g., ISIS) will actually invest more into both defensive and offensive tech and skills to gain access to information that can be leveraged in numerous ways. I think we have only seen the early days of what’s possible and likely here.
- Discoveries of election meddling and social media tweaking will be an economic drag on some of the biggest tech giants in the industry — and be cause for further scrutiny on securing devices, networks, and communications channels and verifying identity. The tradeoffs between free speech and open digital access and convenience will become ever more apparent.
- State-sponsored service breach of critical infrastructure leading to loss of life and an extended timeframe to return to normal operations
- By year end 2020, the bank industry will derive 1 billion dollars of business value from the use of blockchain-based cryptocurrencies.
- Through 2022, half of all security budgets for IoT will go to fault remediation, recalls, and safety failures, rather than to protection. Most organizations don't have a budget for IoT security now, but they will need to add one, [Gartner Fellow Daryl] Plummer said. By 2019, IoT security incidents will make the nightly news.
- Through 2021, AI-driven creation of "counterfeit reality," or fake content, will outpace AI's ability to detect it, fomenting digital distrust.
13) Sophos — Offers details on malware likely coming in 2018.
And their PDF offers excellent details and a new malware forecast. They write: "In this report, we review malicious activity Sophos Labs analyzed and protected customers against in 2017 and use the findings to predict what might happen in 2018.
The malware we protect customers from transcends operating systems. Ransomware in particular targets Android, Mac, Windows and Linux users alike. (Android phones run a modified version of Linux.) Four trends stood out in 2017 and will likely dominate in 2018."
- A ransomware surge fueled by RaaS [ransomware as a service] and amplified by the resurgence of worms;
- An explosion of Android malware on Google Play and elsewhere;
- Continued efforts to infect Mac computers; and
- Ongoing Windows threats, fueled by do-it-yourself exploit kits that make it easy to target Microsoft Office vulnerabilities
"We will see targeted attacks on digital assistants."
It seems that every major tech company is now convinced that digital assistants (Alexa, Siri, Cortana) embodied as smart speakers (Amazon Echo, Apple HomePod) are the future of human-computer interaction. These devices are now mainstream and have become much more than just a convenient way to learn about today’s weather or get the latest sports scores.
15) IBM — Offers interesting predictions, with the first two items being somewhat different than many other lists:
- AI Versus AI
- Africa Emerges as a New Area for Threat Actors and Targets
- Identity Crisis
- Ransomware Locks Up IoT Devices
- Finally Getting Response Right
- Autonomous vehicles: "In the world of autonomous vehicles, we predict we are going to see much more incremental progress, and a slow and steady shift toward collaboration. Right now, it seems many are quick to imagine that a utopia of fully autonomous vehicles is just around the corner; however, the reality is that right now our algorithms just understand how humans drive with humans. Given this, our algorithms will need to evolve to better understand the nuances of how humans drive with semi- and fully autonomous vehicles; how various models from different manufacturers interact with each other on the road; and in diverse environments, infrastructure and weather conditions."
- Cutting the car: "Just as cable television users are cutting the cord in favor of streaming, this rise of shared mobility will lead some consumers to cutting the car. Personal car ownership will decrease over the years as alternative types of auto mobility flourish, and we project that Europe specifically will reach peak car by 2020. How soon we will see these shifts occur elsewhere remain to be seen, but it's safe to say that personal mobility will look drastically different a decade from today."
17) Check Point sticks to a few unique items in their forecast:
- Legitimate Organizations Caught Hacking
- Will Cryptocurrencies Be Regulated?
- Governments Deploying Cyber-Armies to Defend Their Citizens and Borders
New this year: “… More and more companies will start adopting the DevSecOps process and bring the Development, Security and Operations teams together. We’ve seen this work with companies and we know it reduces both the number of vulnerabilities introduced, and also the time to fix those vulnerabilities. By making one team with the mission of fast, secure, and stable code we ensure that these teams no longer have competing priorities which hinder secure releases. …”
BONUS FOR FUN: BeyondTrust – Some great cybersecurity predictions at BeyondTrust that are similar to others. Also, see these fun five-year predictions at the end of their report:
- Online secure elections.
- GDPR becomes untenable.
- Wearable medical devices.
- The end of cash.
- Bio-hacking will be in more than just drugs and food.
- Fake social media is the next guerilla marketing tactic.
Other very good predictions, cybersecurity forecasts, and coming year security trends and write-ups that I’ve seen for 2018 include these articles, reports and blogs worth viewing: InfoSecToday.com, Securelist.com, HealthCareITNews.com (on new extortion attempts), InformationSecurityBuzz.com (on cyberinsurance), IEEE, Security Boulevard predictions (and their top 5 IT security trends), AT&T, Huffington Post, IDC (10 very interesting predictions for 2020 and 2021 including this: "By 2020, deception programs will be deployed by 60% of global 2000 companies to fool automated attacks, increase attacker costs, and improve attribution"), Secplicity.org, Digital Guardian.com (offering 30 experts' predictions, including yours truly), CSO Online, Centrify, Forbes (offering 60 predictions), Digital Journal, CIO Review, Business News Wales, Healthcareinfosecurity.com (Rebecca Herold on health data privacy), Splunk, IT Business Edge (on health care in the security crosshairs), ISACA, vArmour, Teramind (w/nice infographic), IT News Africa and betanews (covering an AI arms race and more).
Late-breaking security predictions for 2018 include: Kim Komando, RFID Journal (on IoT), the Outline.com (in which Kelly Shortridge scrambles the prediction process using an online Markov chain generator), HelpNetSecurity.com, IT World Canada (with a few contrarian items such as AI will NOT improve security), BankInfoSecurity (offering 10 cybersecurity trends) and SC Magazine (ten experts offer their top 2018 cyber challenges).
Note: I continue to add other prediction reports here as new forecasts/cybertrends are released, so keep coming back into early 2018.
Prediction Awards
So which 2018 security predictions do I like best? Here are my award-winners for 2018.
Most Creative — eWeek — “Cars Steal Innovation Spotlight from Smartphones”
Newest & Specific — Zscaler — We will see targeted attacks on digital assistants. (Read the commentary above on #14).
Most Scary (yet practical) — Check Point — Legitimate Organizations Caught Hacking (I guess it depends on who is hacked and where ...)
Most Common and Likely (many) — Ransomware in more places with bigger ransoms demanded.
Most Dull (yet also insightful for the second year in a row) — Dan Lacey, White Hat Security: "Nothing will change."
Final Thoughts
I did not see very much missing this year from these prediction and forecast reports, but the Winter Olympics in S. Korea and FIFA World Cup (soccer) in Russia are noticeably absent. Of course, we also have the Super Bowl, World Series, March Madness and other major sporting events that could be disrupted.
There were plenty of people predicting critical infrastructure disruptions, but no one is really sticking their neck out to say a major critical system failure (such as a dramatic regionwide or nationwide power outage or the significant loss of life because of hospital systems failure) is likely due to hacking.
Still, I agree with Bruce Schneier that regulation is coming for IoT when someone clearly dies from a cyberattack. Will 2018 be the year? Perhaps.
In conclusion, here’s one more quote from Abraham Lincoln that still applies as we head into 2018:
“The best way to predict your future is to create it.”