Although companies are putting significant emphasis on evolving and improving their cybersecurity, cybercrime is following a similar pattern, largely enabled by the emergence of new advanced technologies.
With this in mind, Dave Palmer, Director of Technology at DarkTrace, predicts how cybercrime will evolve in a range of ways during the course of 2018.
1) AI will supercharge phishing attacks
AI won’t just be used by the good guys. In 2018, we will start to see the emergence of sophisticated threat-actors harnessing AI technology to launch sophisticated, automated campaigns. Imagine a piece of malware that can train itself on how your writing style differs depending on who you are contacting, and leverages this nuanced understanding to send tailored, contextually relevant messages to your contacts. These phishing messages will be so realistic that the target will fall for them, downloading malicious attachments or following dangerous links. Such advances in AI will take us to the next stage in defenders versus attackers, and we need to be ready.
2) Large-scale attacks will become automated – and hackers won’t discriminate
2017 saw the emergence of self-spreading attacks causing widespread damage from WannaCry to NotPetya. Indeed, cyber-criminals go where the money goes: adopting this capability lets them infect a different magnitude of devices compared to past years. 2018 will see more of this – pairing automation with ransomware, spear-phishing, and IoT to effectively target a vast number of victims. These attacks won’t discriminate – merely participating in a national economy now appears to be sufficient to make an organization vulnerable. No company is out of scope for malicious intent, even if they think they have nothing worth stealing.
3) Attackers will threaten the integrity of organizations’ data – manipulating the market on the way
The hacks of the past year have heralded a new era. Rather than merely being motivated by financial gain, hackers are devoting more time and resources to longer lead campaigns with a different goal – the integrity of information. These ‘trust attacks’ can cause long-term damage to organizations through the erosion of trust in the data itself. If a criminal wanted to harm an oil and gas firm, for example, a less obvious and more damaging method of attack than switching off an oil rig might be to hack into the sensors that they drag through the oceans collecting data and change the information that they send back, in order to influence the firm into buying drilling rights in the wrong places. Tomorrow’s attackers aren’t motivated purely by dollars – and organizations must be prepared.
4) Sophisticated threat-actors will target critical infrastructure
In late 2017, the U.S. government issued a rare public warning that sophisticated threat-actors are targeting industrial firms. It is almost a certainty that in 2018, we will see an uptick in sophisticated campaigns against national critical infrastructure. More troubling still, the threat actors don’t even have to be limited to nation-states. Individuals that seek to do harm now have access to a variety of nation-state toolkits on the Dark Web, and it’s only a matter of time before they begin investing the resources into launching disruptive campaigns of their own.
5) AI won’t just be predictive – it will fight back
In 2017, AI met the challenge of identifying never-before-seen cyber-threats by understanding ‘self’ for corporate networks. In 2018, those networks will become self-defending, uniquely capable of taking precise, targeted action to neutralize cyber-attacks as they emerge. 2018 will truly be the year of machines fighting machines within organizations – may the strongest algorithms win.
Dave Palmer, Director of Technology, Darktrace