2018 will see the arms race between organisations and hackers continue to intensify.  As well as this, 2018 could see a full-scale cyber war break out between countries.   There are also predictions that nation states and law enforcement agencies around the world will begin to use cyber tactics offensively within the next 12 months.

Growth in number of attacks
2017 saw a significant escalation in the number of cyber-attacks levied against nation states, and Ward Solutions believes that 2018 will see similar growth in the number of attacks.  However, what will change in 2018 is how nation states react to cyber-aggression. Many states, including a number of NATO allies, are currently drafting cyber warfare principles, and some agree that cyber-attacks on the part of another nation state constitute an effective act of war.

This justification could see states react with physical force to any virtual intrusion. Ward expects governments to adopt combative cyber strategies to tackle both aggressive nation states and state-backed cybercriminals. It’s possible that this strategy could lead to the emergence of a cybersecurity war.

Focused attacks on critical infrastructure
As cyber-attacks intensify and increase in frequency, Ward also predicts that large swathes of the civilian population will be impacted. We believe that 2018 will see cyber-criminals focus their attacks on critical infrastructure, such as national power grids, to destabilise the countries in their crosshairs. Worryingly, many countries are ill-equipped to deal with this type of attack.

Reflecting on the predictions, CEO of Ward Solutions, Pat Larkin says: “2018 will see cyber-security threats increase further in sophistication and the amount of damage that they can potentially cause. Furthermore, as state-sponsored groups increase their attacks on countries’ national infrastructures, civilians could begin to suffer as essential services come under strain.   Ireland is particularly unprepared to deal with an attack on our critical national infrastructure, and to protect our interests we need to implement a comprehensive national cyber security strategy as soon as possible.

“There is clear evidence that state-sponsored cyber-attacks are already happening around the world. Continued attacks on nations by cybercriminals will build legitimacy for national cyber response teams, and 2018 marks the tipping point when those targeted nations escalate their response to cyber-attacks, which they now classify an act of war. Cyber-attacks represent a very real threat to national security, and so expect countries to devise official coordinated defensive responses, utilising both cyber and physical, military force to protect their interests.”

“We would expect certain nations to go on the offensive against hackers and launch coordinated cyber campaigns to disable them before they have the chance to strike. Offensive cyber strategies will become a key element in countries’ national defence plans, helping them to prevent attacks.”

Finally, Ward also predicts that, in 2018, cyber-criminals will embrace Artificial Intelligence (AI) and Machine Learning (ML) technologies, using them to supplement their attacks and circumvent the advanced cybersecurity tools employed by businesses. 

At the same time, companies will also embrace AI and ML to bolster their defences and protect their assets. This will lead to an ongoing arms race between criminals and organisations, as both threats and defences increase in complexity.
General Data Protection Regulation (GDPR) will also remain a key priority for companies in 2018, especially until the deadline for compliance arrives on 25th May.

Pat Larkin commented: “GDPR awareness will reach its zenith in the first few months’ of 2018, with the regulation itself set to come into force on May 25th. It is likely that punitive examples will be made of large organisations who will be fined heavily for failing to comply with the legislation.

The focus on GDPR compliance will also drive the need for an overarching framework that will enable companies to maintain compliance with information security standards going forward.”

Source: Cyber Security Intelligence