31 January 2018

What’s In Store For The Cyber Threat Landscape In 2018 — Be Afraid…..Be Very Afraid; What Are The Potential Sick & Twisted, Dangerous Cyber Attacks We Might See In 2018

Is 2018 the year that America suffers the devastating cyber attack that many experts have been warning about for the past decade? Maybe…..but, let’s hope not. Like economists predicting the next recession, cyber security and national security experts have been warning that America is ripe for a Cyber Pearl Harbor…that has yet to manifest itself. Are we that vulnerable? I am afraid so. But, this kind of devastating attack has not materialized, likely for a number of reasons; and, hopefully, we’ll successfully avoid that kind of event in 2018. Outside of a Black Swan cyber attack, what does the cyber threat landscape in 2018 look like? We can only make an educated guess of course; but, there are some known knowns about where the cyber threat appears to be maturing and becoming more worrisome.

There are a number of cyber threat forecasts for 2018, as you might expect; and, I won’t bore you with summarizing their findings. In most cases, I found the analysis shallow and lacking in imagination and understanding. That is one reason I will add my own two cents in, after noting cyber security firm, McAfee’s 2018 cyber threat outlook.

McAfee foresees:

1) The Adversarial Machine Learning Arms Race Heating Up — As Attackers & Defenders Try And Out-Innovate Each Other In AI: As Gen. (Ret.) Petraeus was fond of saying, “the adversary gets a vote.” And, they are adaptive, creative, and sometimes — sick and twisted. The advent of machine learning, big-data mining, etc. is empowering cyber thieves, spies, others, to masquerade as a legitimate entity; or successfully digitally impersonate someone we know and trust. Digital thieves will use this information/intelligence to their advantage, and use this very personal information to gain access to someone we communicate with frequently — in order to expand their attack landscape. Companies and others will also be able to use machine-learning and big data to turn the tables on the cyber hackers; but, machine learning will make its presence felt in the cyber domain in 2018.

2) Ransomware Pivots To New [More Strategic] Targets/New Objectives: Most of the low-hanging fruit for the ransomware cyber thief has been harvested; and, one should expect ransomware thieves to mostly move on to more lucrative targets. McAfee forecasts that “attackers will target less traditional, more profitable ransomware targets, including: high net-worth individuals, connected devices, and businesses.” Cyber sabotage and disruption of [physical] operations is likely to increase in 2018. McAfee foresees: “the drive among adversaries to inflict greater damage, disruption, and the threat of a greater financial impact, will not only spawn new variations of cyber crime “business models,” but also begin to seriously drive the cyber security insurance market.”

3) Serverless Apps Offer New Opportunities For Friend — And Foe: As we all know, serverless apps can enhance our lives by the convenience they offer; but, as with most things in life — these apps come with a ‘cost.’ When we agree/sign up for an app, we expand the attack space that the hacker has available to otherwise make life difficult for us. If these apps are not encrypted, which most aren’t, one must understand that there is a downside to accepting apps, and when we do so — our cyber surveillance antennae need to be more active and focused.

4) When Your Home Becomes The Ultimate Storefront: We as a society are becoming more network dependent, as opposed to network enabled; and the Internet-of-Things (IoT) has become the Internet-of-Threats. As McAfee notes, “as connected devices fill your house, companies will have [even] more powerful incentives to observe what you’re doing in your home; and, learn more about you than you would probably prefer.” McAfee predicts in 2018 that there will be more examples of corporations/companies exploring new ways to capture [and exploit] that data. Businesses will consider the ‘cost’ and potential blow-back for having ‘clandestinely’ collected that data versus the benefit they potentially gain in the meantime. But, as we saw with the Equifax breach in 2017, the companies collecting and storing our personal data — are themselves vulnerable to being hacked; and, why not — that’s where a lot of lucrative data lies. Thus, in 2018, we can expect even more of our personal data to be collected, as our addiction to apps metastasizes, and we can expect cyber thieves to target those companies who collect and store our personal data.

5) Inside Your Child’s Digital Backpack: Our children are empowered by the Internet, the apps, and all the ‘bells and whistles’ that go along with it. But, they may be less aware and appreciative of the power that these same domains offer — both good and bad. Denial and deception are alive and well in the digital wilderness of mirrors. Cyber thieves and other digital malcontents will seek to take advantage of a less digitally savvy child or young person, as a way to gain entry to our digital vault, or the network where we’re employed, or both. A digital chain is only as strong as its weakest link; and, if cyber thieves can’t breach our personal device/s, they may well target our children/loved ones, as a potentially less formidable target to breach — as a way to ultimately……get to us.

Meanwhile, Global Risk Assessment Firm Forrester Predicts…

Meanwhile, the global risk assessment firm, Forrester predicts that IoT attacks will increase even further — and, their motivation will change. For the most part, Forrester notes that “IoT devices are generally compromised” so that hackers can make them part of a larger botnet swarm attack. In 2018, Forrester expects this motivation to change, as hackers see the large-scale movement to the IoT as a target-rich environment for theft, ransom, and/or other malicious activity.

Forrester expects ransomware to reach a pandemic point, as ransomware developers have gotten smarter with how they develop and deploy their tools. And of course, these same ‘developers’ will find a ready customer base on the Dark Web, and elsewhere — with easy-to-deploy ransomware instructions.

“The digital realm will become the next theater of war,” in 2018 according to Forrester, as nation-states make cyber part of both their national defense, as well as an offensive weapon. A large-scale cyber attack that causes significant loss of life is no longer the purview of Hollywood. Cyber weapons have matured to the point that a Cyber Pearl Harbor-type attack is now possible; and, the number of nation-states, cyber militias, others who possess Tier 1-level cyber weapons is no longer a small number.

Now, For The Sick & Twisted, Nasty Stuff We Might See In The Cyber World In 2018 — What Happens, If Things Don’t Go Well?

Threat Actors Are Thinking Bigger & Artificially Enhanced Malware Will Enable Them To Potentially…..Potentially Carry Out Some Truly Devastating Cyber Attacks 

“Attacks like the one on Equifax, and the Distributed-Denial-Of-Service (DDoS) attacks on Domain Name System (DNS) service provider Dyn last year, which caused disruptions for many major websites, are an indication that threat actors are turning their focus on bigger, and more impactful [fruitful] targets,” said Alp Hug, Founder and COO of Zenedge. “Increasingly, we’re going to continue to see this trend of hackers going after larger, more strategic, more impactful targets. Why go after one nuclear plant, when you can shut down the entire continent? Why go after one hospital and their devices, when you can go after all Internet-of-Things (IoT) devices from a manufacturer?” he said.

Rob Price posted an article in the October 8, 2016 edition of Business Insider, about how artificially-enhanced malware will allow the darker, digital angels of our nature to significantly up their game. What is potentially in store for us in 2018 — if they choose to use AI enhanced malware? 

“Smart viruses will [could] hold industrial equipment at ransom,” at no doubt the worst time for the affected industry. Think the electrical grid at the height of a summer heatwave, with temperatures in the 100s, or in the winter, with temperatures well below freezing. “AI-infused malware, could turbocharge ransomware,” Mr. Price wrote, enabling, and empowering malicious malware to be adaptive, and “self-organizing, to inflict maximum damage,” at the worst, most vulnerable time.

AI-empowered malware will better enable the malicious virus to masquerade as someone you know, including using their writing styles and slang, etc. David Palmer, Director of Technology at the cyber security firm, DarkTrace, warns “we’ll see coordinated action. So imagine ransomware waiting till it has spread across a number of areas of the [targeted] network before it suddenly takes action. I’m convinced we’ll see extortion of data, as well as assets. So, factory equipment, MRI scanners in hospitals, retail equipment — stuff that you’d have to back online; because, you can’t actually function as a business without it.”

The Worst Hacks Won’t Be The Most Noticeable Ones

“If you are going to disable an oil rig,” Mr. Palmer told Business Insider, “people are going to notice. Everyone’s going to try and get around and fix it. If you really wanted to harm an oil and gas firm, to my mind what you would do is have your [industrial grade stealth malware] self-hunting, self-targeting malware go in there and then start to change the geophysical data on which they decide on where they’re going to buy mining rights. And, over a long time, you can make sure they’re buying drilling rights in the wrong places, those wells are coming up drier than they should be; and, do really serious harm to their business in a way they’re much less likely to notice and [adequately] respond to.”

Mr. Palmer added: “You may think, okay, that’s a good idea, we should go and look at our databases and see if there’s any ‘funny’ software there. But, the attacks of the future could just as likely be in their IoT sensors, submarines, their scanning equipment that’s collecting [the data] in the first place…..and, good luck finding those attacks,” [stealth malware].

It’s The Dark Side Of The AI Revolution

“We’re in the early stages [innings] of the AI revolution,” Mr. Price wrote. Self-driving cars, individually tailored medical treatment, autonomous systems, and so on. “But, as it [AI] becomes ever more advanced, and ever-more accessible, it is inevitably going to be used for ill will,” by the darker angels of our nature.

Other Things To Look For/Worry About In The Cyber Realm In 2018

— Will we see the emergence of a truly lethal offensive cyber weapon — where loss of life is the objective?;

— Will significant progress be made in cyber forensic attribution, so we can determine who is behind an attack or hacking — in a much more timely fashion; and, with a high degree of certainty?;

— The Internet Of Things (IoT) has already been labeled by some as the Internet Of Threats. The more network dependent we become, as opposed to network enabled — the greater the damage we will suffer as a result of a large-scale cyber attack. How much resiliency do we have in our network enterprise/s? How quickly can we reconstitute, reverse-engineer, restore trust in the network, be sure that our network is ‘clean’ in the aftermath of a large-scale cyber attack, and — retaliate against the ‘right’ culprit? Do we have a more detailed and mature cyber decision tree on how, when, where, with what, against who — if we are attacked and need to respond?

— Do we have the expertise and cyber skill level required to discover and understand denial and deception — when it is being used against us in the cyber domain? AI-enhanced malware will enable sophisticated and clever alterations that — as was explained in the oil example — could cause tremendous damage;

— How much resiliency do we have in our offensive military weapons that are in some fashion — connected to the IoT?

— Will we see our first digital serial killer — using the IoT to cause a loss of life/lives? And, will we be able to recognize the attack as such?

Just some thoughts that came to mind as I wrote this article. As horror writer Stephen King once wrote, God punishes us….for what we cannot imagine. V/R, RCP
