2018 will herald the rise of the machine (learning) as cybercriminals get more strategic

Industry projections point to the need for smarter defences as cybercriminals continue to innovate around ransomware, aggressive machine learning, IoT compromises, and more

This year was a punishing one on the security front, with massive attacks like WannaCry and NotPetya causing massive business damage and unprecedented data breaches spawning chaos for customers of Equifax, Medicare, and Yahoo. Yet as Australia slides into holiday-season laissez-faire and prognosticators turn their eyes to 2018, the consensus is that the pressure on CSOs is only likely to get worse next year.

Malwarebytes, for one, believes the cryptojacking “gold rush” will be the primary motivator for cybercriminals that will exploit victims’ computing resources to mine cryptocurrency. The company also anticipates a greater focus on breaching educational institutions; growth in the PowerShell-based exploits that opened up a new form of attack on ubiquitous Microsoft Office software; continued growth in the cybercriminal underground; more direct attacks on security software; increasing use of worms to launch malware; and additional concerns about Internet of Things (IoT) security that will extend to potentially life-threatening hacks of connected medical equipment.

“Our Labs’ findings show no signs of a slowdown in 2018,” CEO Marcin Kleczynski said in a statement. “Hacker tools and techniques are increasing in sophistication and accessibility. We are seeing a new army of cybercriminals coalesce, lured by inexpensive tools and the promise of an easy profit – often publicised and glorified in the media. The forthcoming attacks will require more cybersecurity training, increased education and awareness and a multi-layered approach to business and personal security.”

Comodo vice president of cybersecurity Carlos Solari warned about the security implications of an industry that is “at the moment of massive changes” but continues to play catch-up when it comes to IoT infrastructure – which is rapidly expanding to accommodate smart devices, self-driving cars, and supporting infrastructure. “We need to be as vigilant with these types of devices as we are with PCs and servers,” Solari said.

Cybercriminals would organise themselves into as-a-service organisations, he added, acting as foils to a cybersecurity industry where customers will increasingly take security products as a service to speed adoption and simplify administration. New AI-based security tools and ransomware scanners, as well as better techniques for using digital certificates to certify legitimate tools, would be developed as innovation in the sector evolves to fight ever more-complex malware attacks.

As well as increasingly damaging ransomware attacks and exploitation of credentials stolen from users of travel sites, security tools provider NordVPN warned of an increase in attacks on IoT devices, larger ransomware attacks, and the impact of regulation such as the EU GDPR, UK’s Digital Economy Bill, and a Dutch referendum on government surveillance powers.

RiskIQ chief data scientist warned that cybercriminals would increasingly use and refine adversarial machine-learning (AML) models to avoid detection by systems at target organisations: “machine learning models will need to evolve quickly to keep up with these threats by incorporating instance-based approaches,” he advised.

“The value of large data lakes will increase as security companies turn to machine learning-based solutions. The most valuable of these data sets will be hand-curated, labelled data sets that can be used to train supervised machine learning models.”

McAfee Labs is also concerned about AML, with a looming ‘arms race’ between attackers and defenders setting the stage for a different kind of cybersecurity conflict in the future. Ransomware will also drive the agenda as it evolves from traditional PC extortion to infecting IoT devices, McAfee warned in its 2018 Threats Predictions Report, with off-the-shelf ransomware tools becoming more popular and payment-based attacks giving way to more attacks focused on sabotage and business disruption.

Serverless apps would create new vulnerabilities by increasing organisations’ attack surfaces, McAfee also warned, with data vulnerable while in transit across networks. Also likely to become a big issue in 2018 is the rise of monetisation, which compromises the privacy of consumers that will need to be more vigilant about what information they and their children put online.

“The evolution of ransomware in 2017 should remind us of how aggressively a threat can reinvent itself as attackers dramatically innovate and adjust to the successful efforts of defenders,” McAfee chief technology officer Steve Grobman said in a statement.

“We must recognise that although technologies such as machine learning, deep learning, and artificial intelligence will be cornerstones of tomorrow’s cyber defences, our adversaries are working just as furiously to implement and innovate around them.”

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Follow our new CSO Australia LinkedIn
Follow our new social and we'll keep you in the loop for exclusive events and all things security!
Have an opinion on security? Want to have your articles published on CSO? Please contact CSO Content Manager for our guidelines.

Tags data protectionYahoomedicarecyber securitydata breachesEquifaxWannaCryNotPetya

More about AustraliaBillComodoEquifaxEUMalwarebytesMicrosoftYahoo

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Brand Page

Stories by David Braue

Latest Videos

More videos

Blog Posts