2018 will be a year of biometric hacking, state-sponsored attacks and daring cyber heists

There are only a couple of near-certainties for cyber security in 2018: that the market will continue to be buoyant and that attacks will become more sophisticated.

Gartner predicts worldwide security spending will reach $96 billion in 2018, up eight per cent from 2017 – good news for the cyber security industrial complex.  

It’s easy to see why because if any year can lay claim to be the one where cyber security problems really entered mainstream discourse, 2017 is a good candidate.

The year got started with a hangover from 2016 that suggested Russian interference in the run-up to America’s election, and possible interference in the Brexit vote from co-ordinated astroturfing campaigns on social media and forums.

That wheel kept turning and now ‘state sponsored’ has become something of a synonym, whether correctly or not, for ‘Russia’ – with businesses now trashing Kaspersky contracts based on allegations against the vendor.

In an increasingly connected world, where the chaos of so many different events and actors, nations, businesses, consumers and markets, legitimate or illegitimate, it’s naturally tough to chart where things might be headed without resorting to educated guesswork.

So read on for just that: where we see cyber security going in 2018.

Rogue AI

We don’t necessarily predict that 2018 is going to be the year the kill-all-humans trope comes to life. But cyber security vendor Darktrace, which uses machine learning to proactively hunt threats, is deeply concerned that if the good guys are looking at using AI, there’s a good chance hackers will be too.

Although truly AI-augmented malware has not yet been seen in the wild, director of cyber analysis at Darktrace Andrew Tsonchev told Computerworld UK that it’s not beyond imagination to think of sophisticated phishing tools that use machine learning to better target individuals or businesses.

“This is something we are super focused on – it’s what we do – and we’re very aware of the benefits, so we are very worried about the stage when there is widespread access and adoption of AI-enabled malware and toolkits for attackers to use,” explained Tsonchev.

“That is because by and large, applications of AI unlock decision-making, and that is what human-driven attacks do. You have an attacker in a network, on a keyboard, and they can case the joint.

“They can see what the weak points are. They can adapt the attack path they follow to the particular environment they find themselves in, that’s why they’re hard to detect.

“We’re very worried about malware that does that: malware that uses machine learning classifiers to land and observe the network and see what it can do.”

Meanwhile, director of technology for Darktrace, Dave Palmer, added that automation will add a new layer of complexity to ransomware, spearphishing and IoT-based attacks.


Just a figment of your imagination.