On Dec. 31, we’ll close the books on a year that will go down in history — not due to world events, scientific discoveries or pop culture happenings, but because of the record numbers of personally identifiable information (PII) exposed through major data breaches and cybersecurity events that happened throughout the year.
At the same time, rapid technology innovation caused companies across industries to rethink how they leverage digital tools such as artificial intelligence (AI), machine learning, augmented and virtual reality, and more into their operations. But with these changes — according to Gartner’s “Top 10 Strategic Technology Trends for 2018,” 40 percent of companies have already made progress in piloting or adopting AI solutions — there will also be new possibilities for cybercriminals to capitalize on vulnerabilities.
Five IBM Security Predictions for 2018
The confluence of these events is forcing industries of all types and organizations of all sizes to rethink how they secure information within their enterprises and learn from mistakes of the past. As we look forward to a new year with new resolutions, we also look at how the developments in both cybersecurity and technology, as well as new and emerging threats, will impact 2018.
We’re fortunate to have some of the best researchers in the security world on our IBM X-Force team. We polled them for ideas about major trends in 2018, and some unique perspectives emerged. Let’s take a look at the top five IBM Security predictions for 2018.
1. AI Versus AI
2018 will see a rise in AI-based attacks as cybercriminals begin using machine learning to spoof human behaviors. The cybersecurity industry will need to tune its own AI tools to better combat the new threats.
As AI software becomes more mainstream and/or open source, cybercriminals will adopt AI tools to not only automate and accelerate their current activities, but also to more closely mimic natural behavior for social engineering and phishing purposes. The cat-and-mouse game of cybercrime and security innovation will rapidly escalate to include AI-enabled tools on both sides.
2. Africa Emerges as a New Area for Threat Actors and Targets
Our IBM X-Force IRIS team thinks that Africa, with its growth in technology adoption and operations, rising economy and increasing number of local resident threat actors, has the largest potential for net new, impactful cyber events. In 2018, Africa will emerge as a new focus area for cyberthreats: Attacks targeting organizations based there and events originating from the continent are both expected to rise.
3. Identity Crisis
Data from the more than 2 billion records stolen in 2017 will be used at a scale never seen before. Legislation to curb the use of stolen data will move closer to reality and companies will move further away from using identifiers such as Social Security numbers (SSNs). Alternatives to SSNs could include blockchain identity solutions, smart ID cards or e-cards, biometrics or a combination of these methods. Companies will shift to more secure methods involving risk-based authentication and behavioral analytics.
4. Ransomware Locks Up IoT Devices
We’ll see a pivot from using ransomware to lock up desktop computers toward attacking Internet of Things (IoT) devices. Expect the ransom to be lower as fraudsters move to a volume play and find a price point that is less than the cost of just buying a new one for users.
Large organizations with deployments of IoT security cameras, DVRs and sensors will be especially impacted by the coming wave of IoT ransomware. Like the recent rise of ransomware attacks in the health care industry, cybercriminals will target infrastructure that could adversely impact operations.
5. Finally Getting Response Right
2018 will be the year in which we see a major company demonstrate a fast and appropriate response to a large-scale data breach or cyberattack, including effective communications to inform stakeholders within and outside the business of the impact.
With the implementation of GDPR in May 2018, organizations doing business in the European Union (EU) will face stricter regulations around the protection of data and must report data breaches to regulators within 72 hours (or face steep fines of up to 4 percent annual turnover) and potentially notify the customer as well. With these penalties in mind, organizations are placing greater emphasis on preparing their incident response plans, which, we hope, will lead to an overall improvement in the aftermath of a breach.
Expect the Unexpected in 2018
The cybersecurity landscape changes so quickly that I wouldn’t be surprised if something bigger emerges and knocks one of these security predictions off the list early in the year. We’ll have to wait and see what 2018 brings, but if 2017 is an indication of the trajectory cybercriminals are on, the security community had better rest up over the holidays.
Listen to the complete podcast: 5 security predictions that will take hold in 2018
Never miss a new episode of the Security Intelligence podcast! Subscribe now on iTunes, SoundCloud or your favorite podcast platform.
Caleb Barlow is an accomplished security professional and former Vice President at IBM Security, where he led IBM's Threat Intelligence and Incident Response...