If you think 2017 was bad, hold on for dear life because 2018 is going to be the worst yet when it comes to cyberattacks. The astounding amount of personal information "out there" coupled with criminal innovation will allow cyber incursions of unprecedented scale and sophistication.
There is a confluence of intractable forces informing this prediction.
First, the headline-grabbing data breaches of 2017 cap a five-year run of hackers relentlessly gutting databases containing personally identifiable information (PII). Who's been breached? High-profile financial institutions, media companies, tech giants, merchants, government agencies and academic institutions, you name it, it's probably been breached. Think an email address and a name doesn't pose a danger? Think again.
A vast storehouse of stolen consumer data is available on the dark web, sometimes for sale and sometimes just there for the taking.
While you should be concerned about everything--including breaches where the only data leaked is name, email address and home address--there are larger concerns. The information available is not limited to birth dates, Social Security numbers, answers to security questions, and the like, but much more granular metadata involving the things you buy, post about on social media, etc.
These rich data sets will never perish and will forever be available to crooks who can then triangulate a targeted victim's digital footprints with stunning precision. That same information can be used to trick you into turning over the keys to the castle via social engineering, since scammers can know more than you might think possible, using that knowledge to trick you into aiding and abetting in self-larceny.
To understand the targeting that is now possible, consider advertising. Netflix recently singled out 53 of its viewers for mockery as part of a questionable joke-marketing campaign. Criminals can use that same information (it's been hacked too). They have the motivation and programming skills to do so. You're going to get got.
A second ingredient is machine learning. Data analytics applied to large data sets has become a refined science, thanks in large part to work done by the financial services sector as well as online advertisers. And more recently, advanced machine learning techniques are being brought to bear on network security systems. The trouble is that cybercriminals, as always, are ahead of the curve. They've been applying machine learning to help them infiltrate and steal from business networks for a number of years now. They will continue to make advances in 2018.
That's where the third ingredient - botnets - comes into play. A botnet is a network of tens of thousands, or even millions, of obedient computing devices awaiting commands from a single controller. Bots typically are comprised of personal computers and/or connected devices infected by the controller via malware or controlled via zero-day exploit, but there have also been instances of virtual computers assembled by the controller. These collected devices possess tremendous computing power--literally the combined strength of all the machines in the controller's network. Botnets comprise the hub of cybercrime - and they continue to proliferate.
Take one part stolen data, mix in machine learning, pour into a powerful botnet and we can be certain to encounter more effective ways to pillage and plunder.
Here are four types of cyberattack campaigns we should expect to see in 2018:
The combined market cap of Bitcoin, Ethereum, Litecoin and Monero has eclipsed the $500 billion mark and continues to climb. This makes cryptocurrencies a viable target for criminally-minded hackers. We are very likely to see cryptocurrencies get hit so hard values will plummet.
Biometrics readers are now available for not just fingerprints and facial recognition, but also voice and even the shape of one's heart. The wide deployment of biometric authentication, leveraging our smartphones, is on the horizon. This means various parties will be responsible for storing biometric profiles, which means all of the attack vectors that must be defended to fully protect stored data will be in play. Persons with malicious intent are surely studying this. A breach resulting in the loss of biometric data is inevitable.
We now know botnets were used by Russian-sponsored operatives to spread propaganda on Google and Facebook, thus influencing the election of Donald Trump. And we also know how spoofed identities and access to voter rolls can be used to smear and obfuscate, as Roy Moore supporters attempted to do in the Alabama senate race. With so much at stake in each local, state and federal election across the land in 2018, we will see advancements in these types of dirty tricks -- iterations that employ machine learning to leverage stolen metadata, and deploy botnets to scale up attacks.
Critical infrastructure disruptions.
There were a number of disclosures this year showing how Russia, Iran, China and North Korea have been proactively probing and, in a few cases, successfully breaching so-called "operational technology" (OT) - the dedicated networks that run our utilities and manufacturing plants. It's equally clear that OT networks of companies operating in certain vertical industries have emerged as strategic targets in event of an all-out global cyber war. We will see a rise in successful OT breaches in 2018.
What I fervently hope is that we do not experience is a major disruption carried out as part of a global cyber war, though I fear this possibility as well. As jolting as WannaCry/Petya, the Equifax breach and the Uber hack were in 2017, those incursions may have been mere warm-ups of what's coming in 2018.
And by the way, Happy New Year!