Attacks on industrial infrastructures, malware boosted by Artificial Intelligence or changes in regulations on cryptocurrencies … Markus Braendle, the Director of Airbus CyberSecurity, details his five major predictions for cybersecurity in 2019.
Extortion Attacks Targeting Industrial Infrastructure IIoT
Prediction: Strategic infrastructure will be disrupted by a large-scale extortion attack.
We have already seen extortion attacks on infrastructure such as cities or ports. There is every reason to believe that this type of attack will not only continue, but will also extend to energy and transportation infrastructure. In the age of the Industrial Internet of Things (IIoT ), the industrial sector is becoming a new target. Hackers targeting businesses are increasingly resorting to extortion practices.
In this context, virtually limitless potential targets are only one way to achieve financial ends. During 2019, one of these attacks will cause, somewhere on the planet, memorable upheavals.
Artificial Intelligence: The Risk of Malware
Prediction: Artificial intelligence (AI) -based malware will escape the perimeter of its intended target with devastating consequences.
A malware developer using auto-learning targeting and/or self-propagation could create a strain that is so powerful that it could “escape” the defined scope of its target, causing immense damage collateral. The use of Artificial Intelligence in an event of this type will likely amplify the fallout of what has already been observed with Stuxnet, Mirai or NotPetya.
In addition, for the first time, there will be a cyber-attack that integrates machine learning to automate manual hacking techniques, usually only associated with APT threats.
To provide a balance and fill the gap in cybersecurity skills, the Security Operations Center (SOC) will begin using Artificial Intelligence and machine learning algorithms. Security analysts will have the mission to adapt to their new artificial colleagues.
Towards a regulation of crypto-currencies
Prediction: lawmakers will lose patience with cryptocurrencies
The Blockchain represents a risk in the short term, because of its technological immaturity and its strong dependence on the cryptocurrencies. The success of this technology in areas such as supply chain security requires a certain degree of maturity. As the use of Blockchain crypto-currencies spreads, fears of geopolitical attacks on these currencies will intensify. This is why they will be subject to increased controls to mitigate economic risk in a context of increasing trade in conventional markets.
More generally, confidence in the Blockchain will decline. Indeed, concerns about cybersecurity problems with cryptocurrencies are increasing, and we realize that the Blockchain is not a panacea.
The First International Cybersecurity Treaty
Prediction: Two Cyberpowers Will Begin Negotiations to Develop the First International Cybersecurity Treaty
The population is at increased risk of injury from an intentional or accidental attack on strategic infrastructure such as power plants or hospitals. To cope with this type of threat, many ideas have been formulated. Microsoft pleads in particular for the adoption of a Digital Geneva Convention, and calls for the creation of an independent non-governmental organization, called the Global Cyber Attribution Consortium, whose objective would be to monitor compliance with compliance requirements.
It may be years before this and other initiatives by the United Nations come into being. However, the risk/reward ratio is slowly but surely shifting towards a system of rules, at least for a small number of countries, especially if it is possible to derive geopolitical benefits from economic and military relations between the countries. A formal cybersecurity treaty of this type would therefore rest as much on its political and symbolic capital as on its technical details.
Towards a ban on ransoms
Prediction: a local government will ban the payment of ransoms in the public sector.
In the event of an extortion attack, the payment of ransoms by public sector organizations to recover access to their strategic systems has become commonplace. This practice has always been controversial, and the rules governing its legality are complex, even in countries with highly developed judicial systems.
Governments are starting to pay the price for this vision in the short term. Indeed, not only the payment of a ransom may finance new attacks, but in addition, it offers no guarantee that the attack will not happen again. As for the amounts of the ransoms, they have been multiplied by ten. Attackers are now interested in strategic infrastructures. This is a dangerous development. The ban on the payment of ransoms could deter extortion attacks and encourage the actors concerned to invest in security solutions designed to prevent these situations from occurring.