Security spending is on the rise even as IT allotments fall, creating a conundrum for IT professionals who must deliver top-tier protection in a technology market where cybercriminal innovation and consumer expectations are accelerating.

With 2018 just around the corner, it’s worth knowing what’s on the horizon for network security and where IT focus has the most impact. Below is a snapshot of next year’s top network trends.

Evolving AI

Currently enjoying both big hype and serious investment, foundational artificial intelligence (AI) represents the potential for both security benefits and network threats. The notion of man-with-machine AI suggests the ability to offload tedious, data-driven tasks to highly focused machine learning algorithms, which then report to human experts. More advanced applications include intelligent network defense: Imagine an AI system capable of making sound judgments about incoming traffic and resource use, and then reacting appropriately.

On the other hand, purpose-built AI could enable cybercriminals to overcome system defenses and co-opt legitimate network processes for financial gain. Much like fileless malware, if malicious actors can compromise existing, high-privilege AI tools, the result could be total system infection without any signs of attack. Companies need to start earmarking security spend for AI development, but they shouldn’t ignore the secondary impact of malware copycats.

Cryptocurrency Crash

Bitcoin is on the rise and seems unstoppable, while blockchain technology has positive implications for network security as a whole. What company wouldn’t want a shared, entirely visible ledger of all transactions that (theoretically) can’t be compromised?

But there’s another side to cryptocurrency. Cybercriminals have already managed to render more than $100 million worth of Ethereum, a bitcoin competitor, permanently inaccessible. This is a big worry — not that bitcoin will suddenly fall, although that remains a possibility, but that second-tier cryptocurrencies will experience total failure due to blockchain compromise. Plus, what works on one blockchain can be adapted for another, meaning enterprises investing in bitcoin must be cautious when it comes to crypto-inspired confidence.

Network Security Redux

Another network security trend to look out for in 2018, Gartner suggested, is the development of digital twins — virtual representations of real-world entities or systems. With the number of connected devices predicted to pass 20 billion in the next three years, it only makes sense to leverage them as links to physical processes and products, allowing enterprises to easily monitor current status, collect valuable data and deploy preventive maintenance tools.

However, compromised digital doppelgängers may have the ability to impact their physical copies. Think of it in terms of quantum entanglement: the notion that two particles created at the same moment can be effectively entangled forever, ensuring that whatever happens to one happens to the other, no matter the distance. Inherently linked digital processes could act the same way, especially as the number of devices outstrips the ability of traditional monitoring solutions.

In other words, by compromising digital copies, fraudsters could produce real-world effects.

Serverless Apps

Faster is better in our cloud-based world, so it’s no surprise that serverless apps are quickly gaining ground as simple ways to speed online processes such as bill payments and account logins. According to McAfee, these apps are also vulnerable to privilege exploitation and in-transit attacks, since they’re entirely web-dependent and don’t rely on a home server. As these apps trend upward to help manage costs and reduce complexity, companies need to consider the use of virtual private networks (VPNs) and cognitive security measures to ensure that serverless apps don’t lead to security breaches.

Intelligent Things

An extension of the Internet of Things (IoT), intelligent things are devices and processes designed to act autonomously for a given period of time or to complete a specific task. AI-driven cars are a good example: Emerging technologies reduce the amount of human interaction required to get people from point A to point B.

The problem is that if intelligent devices are compromised, what should be a routine task could be used for malicious purposes. Compromised driverless cars could be stolen from unsuspecting users, while wearable devices could collect and parse information about physical surroundings without user consent. Securing this new network of intelligent things will rocket up the IT priority list as viable attack surfaces grow and organizations become comfortable with the use of intelligent machines in day-to-day operations.

Expect increased security spend through 2018 as enterprises look to manage emerging network security trends, including improved AI, currency competition, digital twins, sans-server applications and things that think.
