Top Cybersecurity Predictions for 2018

Cybersecurity vendors began publishing their forecasts for 2018 as early as November. We analyzed over 20 predictions from companies and bloggers to compile a list of the most popular trends. Let’s take a look at what’s in store for cybersecurity in 2018!

Top 10 Cybersecurity Predictions for 2018

  1. Cybercriminals Will Use Machine Learning and Artificial Intelligence: Hackers will leverage machine learning and AI for automated vulnerability discovery, more precise attacks, sophisticated phishing based on gathered information, and exploiting weak or stolen data for authentication. These technologies may also help hackers bypass detection and protection systems built on the same tech. Symantec predicts a standoff between hackers and forensic experts in this area in 2018.
  2. Ransomware Will Continue to Evolve: Ransomware will remain a key part of the cyber threat landscape, with its variants growing and hackers shifting focus to mobile devices. Targeted ransomware attacks will increase, putting individual enterprises at risk of paying large ransoms. Trend Micro predicts ransom demands will rise, with cybercriminals threatening to expose data breaches and trigger GDPR fines. The Infosec Institute expects to see “ransomware-as-a-service” platforms appear on the Dark Web.
  3. Exploitation of IoT Device Vulnerabilities: IoT vulnerabilities will increase as many devices are produced without proper security standards. Cybercriminals will find new ways to exploit these weaknesses for their own gain. Beyond DDoS attacks, IoT devices will be used as proxy servers to hide attackers’ locations and traffic, and as entry points into owners’ networks. Devices like biometric trackers, fitness bands, drones, smart speakers, and voice assistants will be hacked to extract data, infiltrate networks, and perform malicious actions.
  4. Media and Social Media Account Hacks to Spread Fake Information: There will be more hacks of media outlets and social media accounts to spread false information for profit. This will impact stock prices, manipulate public opinion, damage reputations, and enable propaganda through compromised channels.
  5. Increase in Attacks on Industrial Enterprises and Supply Chains: Complex cyberattacks on industrial facilities using cyber espionage and industry-specific knowledge will intensify. With information about technologies, suppliers, partners, and key employees, cybercriminals will target weak links in the production chain. Kaspersky Lab predicts more supply chain attacks, including the addition of trojans to specialized software to infect strategic targets. The demand for industry-specific expertise may lead to the growth of “malware-as-a-service,” “attack vector development as a service,” and “custom attack organization” services targeting industrial enterprises.
  6. Surge in Fileless and Lightweight Malware: Fileless malware, which operates in memory without writing files to disk, will peak in 2018. These attacks are hard to detect, trace, and stop. Exploits targeting user credentials, privilege escalation, and the use of standard tools like PowerShell and Win32 for system infiltration will also rise.
  7. Attacks on Mobile Applications: Threats to mobile devices will increase, with Android devices as the main target via Google Play, but iOS will also be affected. More advanced APT (Advanced Persistent Threat) malware for mobile platforms is expected as attack frequency and countermeasures evolve.
  8. Attacks on Cloud Infrastructure and Storage: More companies using cloud storage will face attacks from hackers and state-sponsored groups. Data leaks from public cloud storage will expose personal keys, passwords, private information, and even intellectual property.
  9. Exploitation of Vulnerabilities in Mobile Networks, Wi-Fi, and Bluetooth Protocols: Vulnerabilities in mobile networks can be life-threatening, especially as self-driving cars rely on these networks for data exchange. DDoS attacks could disable such vehicles. Positive Technologies experts see this as a real possibility. Airbus CyberSecurity predicts more attacks on open Wi-Fi connections, especially affecting users of outdated, unsupported devices. Such attacks may drive advanced users to adopt VPNs more widely.
  10. Resurgence of Hardware Attacks: Hardware attacks, such as exploiting vulnerabilities in Intel Management Engine, are expected to make a comeback. If attackers succeed, targeted attacks and cryptolocker attacks could escalate to damaging not just data but also hardware like motherboards, according to Positive Technologies experts.

Cybersecurity Predictions for the World and Society

  1. Most Companies Won’t Be GDPR-Compliant on Time: Infosec Institute predicts that most companies won’t be ready for the EU’s General Data Protection Regulation (GDPR) by its May 25, 2018 deadline. Trend Micro expects compliance to increase only after the first major lawsuit.
  2. Increased Activity from State-Sponsored APT Groups: Governments will use APT groups to target critical infrastructure in other countries. Nations will form coalitions to counter such attacks, share expertise, and sign non-aggression pacts. Kaspersky Lab believes experienced state-sponsored APT groups will target financial organizations to track money flows, and new APT groups will follow suit for both profit and intelligence.
  3. Growth of State Cyber Armies: Countries will establish cyber armies to protect national interests and citizens, monitoring national internet and critical infrastructure (power grids, water supply, banking networks) much like military border patrols.
  4. Development of Cyber Threat Insurance: Companies will increasingly view cyber threats as key business risks. After GDPR takes effect, more organizations will audit their automation systems, assess cybersecurity risks, and seek ways to mitigate or transfer them. Financial and tech companies will be the first to adopt cyber risk insurance.
  5. The Second Wave of the Crypto War: The conflict between privacy advocates and governments seeking control over the encryption of devices and communications (email, messengers) will continue.

Cybersecurity Predictions for the Financial Sector

  1. Increase in Logical Attacks on ATMs: Logical attacks on ATMs will continue to rise, with full automation: mini-computers will infect ATMs and activate malware to dispense cash or collect card data.
  2. Growth of Classic Payment Data Fraud Schemes: Data breaches in 2017 (Equifax, Uber, etc.) gave cybercriminals access to personal data, enabling identity theft and financial fraud. Expect a surge in classic fraud schemes.
  3. Increase in Attacks on Mobile Banking Users: Fraud targeting mobile banking users will rise, using both mobile malware and social engineering to trick users into transferring funds via banking apps.
  4. Hacks of Web Wallets, Bitcoin Wallets, and Cryptocurrency Attacks: The cryptocurrency boom will lead to more hacks of bitcoin wallets and thefts. Mass scanning for unprotected web wallets is expected. Hackers may also use victims’ computers and mobile devices for unauthorized mining, and compromise websites to run mining scripts on visitors’ devices.
  5. Banking Trojans Will Outperform Ransomware in Profits: Banking trojans have evolved into advanced tools capable of attacking multiple banks, making hidden transfers, and covering their tracks. Symantec predicts they will remain highly effective and widely used by cybercriminals.

Vendor and Blogger Predictions for 2018

  • Trend Micro: Use of known vulnerabilities in attacks will increase as enterprise security gaps grow. Organizations should prioritize patch management and employee training to protect valuable data.
  • McAfee Labs: Hackers will use machine learning as a weapon in the software arms race.
  • Symantec: Attackers will use machine learning and AI for even more powerful attacks. Incidents like WannaCry are just the beginning of new malware and DDoS attacks. Cybercriminals are ready to target millions of internet-connected devices at work and home.
  • Airbus: Lack of social protection policies in the media will create serious risks for businesses. Attacks on wireless networks will intensify, and encryption will remain a challenge for law enforcement.
  • InfoSec Institute: Ransomware will be the main threat, with a shift toward cryptocurrencies. Many companies will miss the GDPR compliance deadline.
  • Check Point: Trends are driven by increased reliance on digital technologies and the collection/use of personal data by public and private organizations. Cryptocurrency regulation is also a hot topic.
  • Panda Security: More malware targeting IoT and mobile devices, more ransomware, and more targeted attacks. Employee awareness initiatives, fighting fake news, and further cryptocurrency development are expected.
  • Centrify: Organizations will respond to threats with zero-trust models, machine learning will help fight identity breaches, and ransomware profits will keep growing.
  • Splunk: AI, machine learning, IT operations automation, and IoT will be key. DevSecOps will be important for combating new threats, and machine learning will be used for anomaly detection, event correlation, and resource planning.
  • ESET: Ransomware, attacks on critical infrastructure, election security, and personal data protection will be major issues.
  • Proofpoint: Attackers will continue to exploit people to install malware, transfer funds, and steal information, with significant changes in methods and behavior.
  • Positive Technologies: The number of SOCs will triple, new laws will block 90% of primitive attacks, and the Diameter protocol will be replaced.
  • Kaspersky Lab: IoT devices, ransomware, and cryptocurrencies will be top threats. Internet-connected cars and medical devices may also be targeted. Industrial security will be a focus after destructive ransomware attacks like WannaCry and ExPetr.
  • Gartner: Global enterprise security spending will rise by 8% to $96.3 billion, driven by new regulations, changing buyer attitudes, awareness of emerging threats, and digital business strategies.
  • Webroot: Smarter, more powerful attacks are expected, including on biometric security and mobile devices. Consumers will demand protection of their data from the government, and the CISO role will become key in companies.
  • Forbes: 60 predictions from experts and CEOs cover attacks on governments and critical infrastructure, fake news, personal data and GDPR, IoT, AI, cryptocurrencies, biometrics, and the global shortage of skilled cybersecurity professionals.
  • InformationSecurityBuzz: Predicts increased use of software containers for security, which could prevent incidents like Equifax and change budget planning priorities.
  • CSO Online (Michael Nadeau): Not all companies will be GDPR-compliant on time. State-sponsored attacks will increase, threat detection automation will develop, and misplaced trust will lead to failures in the fight against cybercrime.
  • Malwarebytes (Justin Dolly): Cryptojacking will be a main target for scammers, PowerShell attacks will rise, underground cybercrime will keep growing, and attacks on security tools will increase.
  • CSO Online (Bob Carver): IoT botnets, crime-as-a-service, zero-day vulnerabilities, and more are key threats, along with recommendations for improving security.
  • Medium.com (Kelly Shortridge): Trends include more ransomware, bitcoin wallet vulnerabilities, increased attacks on smart devices, more US-origin cyberattacks, and GDPR implementation challenges.
