On Dec. 31, we’ll close the books on a year that will go down in history — not due to world events, scientific discoveries or pop culture happenings, but because of the record numbers of personally identifiable information (PII) exposed through major data breaches and cybersecurity events that happened throughout the year.

At the same time, rapid technology innovation caused companies across industries to rethink how they leverage digital tools such as artificial intelligence (AI), machine learning, augmented and virtual reality, and more into their operations. But with these changes — according to Gartner’s “Top 10 Strategic Technology Trends for 2018,” 40 percent of companies have already made progress in piloting or adopting AI solutions — there will also be new possibilities for cybercriminals to capitalize on vulnerabilities.

Five IBM Security Predictions for 2018

The confluence of these events is forcing industries of all types and organizations of all sizes to rethink how they secure information within their enterprises and learn from mistakes of the past. As we look forward to a new year with new resolutions, we also look at how the developments in both cybersecurity and technology, as well as new and emerging threats, will impact 2018.

We’re fortunate to have some of the best researchers in the security world on our IBM X-Force team. We polled them for ideas about major trends in 2018, and some unique perspectives emerged. Let’s take a look at the top five IBM Security predictions for 2018.

1. AI Versus AI

2018 will see a rise in AI-based attacks as cybercriminals begin using machine learning to spoof human behaviors. The cybersecurity industry will need to tune its own AI tools to better combat the new threats.

As AI software becomes more mainstream and/or open source, cybercriminals will adopt AI tools to not only automate and accelerate their current activities, but also to more closely mimic natural behavior for social engineering and phishing purposes. The cat-and-mouse game of cybercrime and security innovation will rapidly escalate to include AI-enabled tools on both sides.

2. Africa Emerges as a New Area for Threat Actors and Targets

Our IBM X-Force IRIS team thinks that Africa, with its growth in technology adoption and operations, rising economy and increasing number of local resident threat actors, has the largest potential for net new, impactful cyber events. In 2018, Africa will emerge as a new focus area for cyberthreats: Attacks targeting organizations based there and events originating from the continent are both expected to rise.

3. Identity Crisis

Data from the more than 2 billion records stolen in 2017 will be used at a scale never seen before. Legislation to curb the use of stolen data will move closer to reality and companies will move further away from using identifiers such as Social Security numbers (SSNs). Alternatives to SSNs could include blockchain identity solutions, smart ID cards or e-cards, biometrics or a combination of these methods. Companies will shift to more secure methods involving risk-based authentication and behavioral analytics.

4. Ransomware Locks Up IoT Devices

We’ll see a pivot from using ransomware to lock up desktop computers toward attacking Internet of Things (IoT) devices. Expect the ransom to be lower as fraudsters move to a volume play and find a price point that is less than the cost of just buying a new one for users.

Large organizations with deployments of IoT security cameras, DVRs and sensors will be especially impacted by the coming wave of IoT ransomware. Like the recent rise of ransomware attacks in the health care industry, cybercriminals will target infrastructure that could adversely impact operations.

5. Finally Getting Response Right

2018 will be the year in which we see a major company demonstrate a fast and appropriate response to a large-scale data breach or cyberattack, including effective communications to inform stakeholders within and outside the business of the impact.

With the implementation of GDPR in May 2018, organizations doing business in the European Union (EU) will face stricter regulations around the protection of data and must report data breaches to regulators within 72 hours (or face steep fines of up to 4 percent annual turnover) and potentially notify the customer as well. With these penalties in mind, organizations are placing greater emphasis on preparing their incident response plans, which, we hope, will lead to an overall improvement in the aftermath of a breach.

Expect the Unexpected in 2018

The cybersecurity landscape changes so quickly that I wouldn’t be surprised if something bigger emerges and knocks one of these security predictions off the list early in the year. We’ll have to wait and see what 2018 brings, but if 2017 is an indication of the trajectory cybercriminals are on, the security community had better rest up over the holidays.

Listen to the complete podcast: 5 security predictions that will take hold in 2018

Never miss a new episode of the Security Intelligence podcast! Subscribe now on iTunes, SoundCloud or your favorite podcast platform.

More from X-Force

FYSA – Adobe Cold Fusion Path Traversal Vulnerability

2 min read - Summary Adobe has released a security bulletin (APSB24-107) addressing an arbitrary file system read vulnerability in ColdFusion, a web application server. The vulnerability, identified as CVE-2024-53961, can be exploited to read arbitrary files on the system, potentially leading to unauthorized access and data exposure. Threat Topography Threat Type: Arbitrary File System Read Industries Impacted: Technology, Software, and Web Development Geolocation: Global Environment Impact: Web servers running ColdFusion 2021 and 2023 are vulnerable Overview X-Force Incident Command is monitoring the disclosure…

Strela Stealer: Today’s invoice is tomorrow’s phish

12 min read - As of November 2024, IBM X-Force has tracked ongoing Hive0145 campaigns delivering Strela Stealer malware to victims throughout Europe - primarily Spain, Germany and Ukraine. The phishing emails used in these campaigns are real invoice notifications, which have been stolen through previously exfiltrated email credentials. Strela Stealer is designed to extract user credentials stored in Microsoft Outlook and Mozilla Thunderbird. During the past 18 months, the group tested various techniques to enhance its operation's effectiveness. Hive0145 is likely to be…

Hive0147 serving juicy Picanha with a side of Mekotio

17 min read - IBM X-Force tracks multiple threat actors operating within the flourishing Latin American (LATAM) threat landscape. X-Force has observed Hive0147 to be one of the most active threat groups operating in the region, targeting employee inboxes at scale, with a primary focus on phishing and malware distribution. After a 3-month break, Hive0147 returned in July with even larger campaign volumes, and the debut of a new malicious downloader X-Force named "Picanha,” likely under continued development, deploying the Mekotio banking trojan. Hive0147…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today