Skip to main content

Gazing into cybersecurity's crystal ball...

(Image credit: Image Credit: Nitsawan Katerattanakul / Shutterstock)

Conventional thinking divides the digital and physical worlds into two distinct and separate realms, but in today’s connected and mobile world, does this still hold true? 2016 has certainly seen a blurring of the traditional lines between the online and physical, and as we approach 2017, I think that a continuance of this convergence will be the overarching trend for the year ahead. 

From a cybersecurity perspective, convergence acknowledges the digital transformation process that is already well underway; how it affects us and how we, in turn, affect it. 

I believe that security professionals are best served by viewing the digital and physical worlds as two halves of an integrating whole, and although they both may remain different, they are no longer separate. And as a new world emerges in 2017 it will challenge cybersecurity professionals in ways it never has before, so here are some of our top predictions for what to look out for in the New Year!

The rise of ‘criminal mastermind’ machines   
Automated and autonomous hacking machines designed to rapidly seek out vulnerabilities and potential breaches in networks are already here as we saw in DARPA’s Cyber Grand Challenge in Las Vegas this summer. The capabilities of AI cyber defence machines to search, uncover, interpret and remediate attacks and potential breaches far outpaces the abilities of human Security Operations (SecOps) teams and this is certainly a positive stride forward.  

However, widespread weaponisation of autonomous hacking machines by threat actors could well emerge in 2017 too; creating an ‘arms race’ to build autonomous patching. Self-directed hacking machines may be launched by rogue hackers or state actors to anonymise attacks, target and overwhelm rival national cyber defences, or even escalate into a geopolitical situation.  

The cyber ‘arms race’ could well represent the new Cold War, and like the proliferation of nuclear weapons technology proliferation; weaponised autonomous hacking machines may greatly impact global stability by either preventing national defence protocols being engaged or even, by triggering them unnecessarily.  

Prepare for Ransomware 

The huge success of ransomware in 2015 and 2016 likely means that we can expect more of the same in 2017. In the first half of 2016 alone, one gang of hackers made in excess of $120 million dollars using ransomware, so there should be no expectation that ransomware will simply ‘fade away’ in the New Year. 

Unfortunately, the vast majority of organisations remain vulnerable to ransomware and, on average, 37% of victims end up paying the ransom to re-obtain access to their critical data; while the number of exploit kits containing ransomware more than doubled from March through July in 2016 alone. 

Unethical organisations may fill their need for technological innovation and development by hiring ransomware hackers to obtain specific information from competitors, whilst at the very same time; the same hackers may offer to sell ransomed critical data to the highest bidders thus collecting ransom payments from their victims. After all, why collect just one pay check when you can collect two, or perhaps many more, from the same hack? 

In order to accomplish the above however, hackers will have to alter their current playbook, morphing ransomware to include data exfiltration techniques, to better capitalise on every ransomware hack. 

The Cloud’s expanding attack vector 

As migration to the Cloud continues apace, several new developments are putting users and data at risk in inadvertent ways, as the risk of hypervisor hacking increases in 2017. With governments moving to the Cloud, the underlying foundation that runs virtual machines may be increasingly subject to attack. For example, if a hypervisor were to become compromised attackers would then have full control of any and all systems running on them. 

Organisations are migrating their already vulnerable environments to the Cloud, relying on it alone to provide expanded security and reducing their security in the process. The likelihood being, Distributed Denial of Service (DDoS) attacks will become more common-place against cloud service providers, and as such, this will have secondary, knock-on effects to the clients and businesses using these clouds. 

A new frontier human/technology convergence 

Replacing traditional computer interaction with voice-activated AI means the ways in which we access the Web, data and apps will change. The emergence of voice-activated AI platforms such as Siri, Cortana and Alexa represents a new level of human and technology convergence. 

AI assistants will alter user behaviour and expectations from the previous traditional web experience, and ultimately, this will prove a sea change from the one-to-one interaction between human and device that we have thus far come to know so well. 

The convergence of technologies will generate a new round of consolidation, and the “big five” tech companies are all in the early stages of a race to wean us off of the traditional interface, the open Web, and the app ecosystem, and train us to use their respective AI assistants as our primary portals to the internet. 

The creators of AI interfaces will become powerful influencers of not just how we interact with machines, but also the direction of the information with which the machines will steer us. For example, which news channel will your AI interface send you to by default? Will it be Sky, BBC, MSN or even Buzzfeed?   The number of apps designed to leverage voice-activated AI such as Siri, Cortana, Alexa and others will explode in 2017, providing new levels of convenience and an enhanced user experience, but potentially, inadvertently throwing open a whole new threat vector too. 

Not since the dawn of the industrial revolution has technology progressed and impacted on our everyday lives in such a way that it does currently. The security challenges resulting from the rapid convergence of the digital and physical worlds aren’t the only ones we will see in 2017, but I think they are certainly the most compelling. 

Only by embracing the challenges we will face in this new and emerging threat landscape can we develop the solutions required to address them and this is the real ‘silver bullet’ security professionals should carry with them into the New Year. 

Image Credit: Nitsawan Katerattanakul / Shutterstock

Carl Leonard
Carl Leonard is a Principal Security Analyst within Forcepoint’s Security Labs team. He is responsible for enhancing threat protection and threat monitoring technologies at Forcepoint, in collaboration with the company’s global Security Labs teams.