The evolution of cybercrime – five key predictions for 2018

By Pouyan Broukhim

Although companies are putting significant emphasis on evolving and improving their cybersecurity, cybercrime is following a similar pattern, largely enabled by the emergence of new advanced technologies.

With this in mind, Dave Palmer, Director of Technology at DarkTrace, predicts how cybercrime will evolve in a range of ways during the course of 2018.

1) AI will supercharge phishing attacks

AI won’t just be used by the good guys. In 2018, we will start to see the emergence of sophisticated threat-actors harnessing AI technology to launch sophisticated, automated campaigns. Imagine a piece of malware that can train itself on how your writing style differs depending on who you are contacting, and leverages this nuanced understanding to send tailored, contextually relevant messages to your contacts. These phishing messages will be so realistic that the target will fall for them, downloading malicious attachments or following dangerous links. Such advances in AI will take us to the next stage in defenders versus attackers, and we need to be ready.

See also:

2) Large-scale attacks will become automated – and hackers won’t discriminate

2017 saw the emergence of self-spreading attacks causing widespread damage from WannaCry to NotPetya. Indeed, cyber-criminals go where the money goes: adopting this capability lets them infect a different magnitude of devices compared to past years. 2018 will see more of this – pairing automation with ransomware, spear-phishing, and IoT to effectively target a vast number of victims. These attacks won’t discriminate – merely participating in a national economy now appears to be sufficient to make an organization vulnerable. No company is out of scope for malicious intent, even if they think they have nothing worth stealing.

3) Attackers will threaten the integrity of organizations’ data – manipulating the market on the way

The hacks of the past year have heralded a new era. Rather than merely being motivated by financial gain, hackers are devoting more time and resources to longer lead campaigns with a different goal – the integrity of information. These ‘trust attacks’ can cause long-term damage to organizations through the erosion of trust in the data itself. If a criminal wanted to harm an oil and gas firm, for example, a less obvious and more damaging method of attack than switching off an oil rig might be to hack into the sensors that they drag through the oceans collecting data and change the information that they send back, in order to influence the firm into buying drilling rights in the wrong places. Tomorrow’s attackers aren’t motivated purely by dollars – and organizations must be prepared.

4) Sophisticated threat-actors will target critical infrastructure

In late 2017, the U.S. government issued a rare public warning that sophisticated threat-actors are targeting industrial firms. It is almost a certainty that in 2018, we will see an uptick in sophisticated campaigns against national critical infrastructure. More troubling still, the threat actors don’t even have to be limited to nation-states. Individuals that seek to do harm now have access to a variety of nation-state toolkits on the Dark Web, and it’s only a matter of time before they begin investing the resources into launching disruptive campaigns of their own.

5) AI won’t just be predictive – it will fight back

In 2017, AI met the challenge of identifying never-before-seen cyber-threats by understanding ‘self’ for corporate networks. In 2018, those networks will become self-defending, uniquely capable of taking precise, targeted action to neutralize cyber-attacks as they emerge. 2018 will truly be the year of machines fighting machines within organizations – may the strongest algorithms win.

Dave Palmer, Director of Technology, Darktrace


Featured Articles

Top 10 cybersecurity specialists in the US

As cyber attacks grow in frequency and become increasingly sophisticated, Business Chief looks at the top 10 cybersecurity specialists in the US.

Silicon Valley Bank collapse: How did we get here?

US authorities have stepped in to protect all Silicon Valley Bank customers following the second-largest bank failure in the country's history

Top 10 best new leadership books by women to read in 2023

To mark IWD, here’s our pick of the best new leadership books – all penned by impressive women at the forefront of the ever-evolving world of work

Eight of the best business leadership podcasts

Leadership & Strategy

CEO John Pagano, leading Saudi Arabia's Red Sea Global

Leadership & Strategy

Top 10 female CEOs according to Fortune’s Global 500 list

Leadership & Strategy