On Dec. 31, we’ll close the books on a year that will go down in history — not due to world events, scientific discoveries or pop culture happenings, but because of the record numbers of personally identifiable information (PII) exposed through major data breaches and cybersecurity events that happened throughout the year.

At the same time, rapid technology innovation caused companies across industries to rethink how they integrate digital tools such as artificial intelligence (AI), machine learning, augmented and virtual reality, and more into their operations. According to Gartner’s “Top 10 Strategic Technology Trends for 2018,” 40 percent of companies have already made progress in piloting or adopting AI solutions. But with these changes, there will also be new possibilities for cybercriminals to capitalize on vulnerabilities.

Five IBM Security Predictions for 2018

The confluence of these events is forcing industries of all types and organizations of all sizes to rethink how they secure information within their enterprises and learn from mistakes of the past. As we look forward to a new year with new resolutions, we also look at how the developments in both cybersecurity and technology, as well as new and emerging threats, will impact 2018.

We’re fortunate to have some of the best researchers in the security world on our IBM X-Force team. We polled them for ideas about major trends in 2018, and some unique perspectives emerged. Let’s take a look at the top five IBM Security predictions for 2018.

1. AI Versus AI

2018 will see a rise in AI-based attacks as cybercriminals begin using machine learning to spoof human behaviors. The cybersecurity industry will need to tune its own AI tools to better combat the new threats.

As AI software becomes more mainstream and/or open source, cybercriminals will adopt AI tools to not only automate and accelerate their current activities, but also to more closely mimic natural behavior for social engineering and phishing purposes. The cat-and-mouse game of cybercrime and security innovation will rapidly escalate to include AI-enabled tools on both sides.

2. Africa Emerges as a New Area for Threat Actors and Targets

Our IBM X-Force IRIS team thinks that Africa, with its growth in technology adoption and operations, rising economy and increasing number of local resident threat actors, has the largest potential for net new, impactful cyber events. In 2018, Africa will emerge as a new focus area for cyberthreats: Attacks targeting organizations based there and events originating from the continent are both expected to rise.

3. Identity Crisis

Data from the more than 2 billion records stolen in 2017 will be used at a scale never seen before. Legislation to curb the use of stolen data will move closer to reality and companies will move further away from using identifiers such as Social Security numbers (SSNs). Alternatives to SSNs could include blockchain identity solutions, smart ID cards or e-cards, biometrics or a combination of these methods. Companies will shift to more secure methods involving risk-based authentication and behavioral analytics.

4. Ransomware Locks Up IoT Devices

We’ll see a pivot from using ransomware to lock up desktop computers toward attacking Internet of Things (IoT) devices. Expect the ransom to be lower as fraudsters move to a volume play and find a price point that is less than what it would cost users to simply buy a new device.

Large organizations with deployments of IoT security cameras, DVRs and sensors will be especially impacted by the coming wave of IoT ransomware. Like the recent rise of ransomware attacks in the health care industry, cybercriminals will target infrastructure that could adversely impact operations.

5. Finally Getting Response Right

2018 will be the year in which we see a major company demonstrate a fast and appropriate response to a large-scale data breach or cyberattack, including effective communications to inform stakeholders within and outside the business of the impact.

With the implementation of GDPR in May 2018, organizations doing business in the European Union (EU) will face stricter regulations around the protection of data and must report data breaches to regulators within 72 hours (or face steep fines of up to 4 percent of annual turnover) and potentially notify the customer as well. With these penalties in mind, organizations are placing greater emphasis on preparing their incident response plans, which, we hope, will lead to an overall improvement in the aftermath of a breach.

Expect the Unexpected in 2018

The cybersecurity landscape changes so quickly that I wouldn’t be surprised if something bigger emerges and knocks one of these security predictions off the list early in the year. We’ll have to wait and see what 2018 brings, but if 2017 is an indication of the trajectory cybercriminals are on, the security community had better rest up over the holidays.
