2018 Cybersecurity Predictions

27 Dec
Industry, News, Partners

Looking back, 2017 had all the twists and turns of a good disaster movie. Hackers steal and leak the NSA’s powerful exploit kit that’s then unleashed on the world through a Dr. Evilish ransomware-worm hybrid.  Later, a top U.S. credit reporting agency discloses a breach involving the social security numbers of 143 million Americans.

Meanwhile, a $1.8 billion legal battle is being waged between two tech giants over stolen software for self-driving cars. In the trial, a letter comes to light that claims the defendant was “responsible for acts of corporate espionage, the theft of trade secrets, the bribery of foreign officials and various means of unlawful surveillance.”

Sounds like a Lex Luthor had a busy year. While you can make a good case that data security predictions should be made by Hollywood scriptwriters, with the help of Varonis, here are the following cybersecurity predictions for 2018.

Blended Attacks Will Force More Critical Systems Offline

As bad as WannaCry was – and because many who were hit may have kept quiet – we may never truly know the full extent of the damage. The characteristics involving the payment of the ransom were haphazard, suggesting that these attacks were meant to test the NSA’s exploits’ power and reach when “blended” with other attack vectors, like phishing and ransomware.  In 2018, we should expect more blended, crippling attacks in more countries, and they may well be longer and more severe. As we saw in 2017, expect them to throw a wrench into the daily lives of millions — affecting anything from transportation to shopping to using an ATM.

The IoT Will Bring More Bad News

Brands have been quick to jump on the IoT bandwagon, but they will have their hands full. In 2017, we saw KRACK and BlueBorne exploit WiFi and Bluetooth, opening fresh holes in our already battered perimeters. Hackers will continue to leverage unprotected devices to spy on their users and break into home and corporate networks. Multiple botnets exploiting vulnerable IoT devices will be new minions in DDOS attacks and threaten to take down news and government websites. Millions of consumers will remain unaware that their IoT devices and home networks are being exploited until they finally get to the bottom of why Stranger Things is so slow to download and unplug their internet-connected toothbrush. Manufacturers will start to address these security faults or risk losing to the companies that bake-in security from the start. GDPR may save the day in the long run–forcing businesses to reconsider personal data collection via IoT, but we won’t see this effect until at least 2019.

Fear the Wiper

A recent survey revealed that 45% of organizations think they will be breached in the next year. In 2018, more organizations will be hit by ransomware, or worse. While ransomware is a scary thought for the C-Suite to consider, the unlucky organizations — those that haven’t prepared and without adequate backups in place — will be hit by wipers that will destroy information and systems with no hope for retrieval. Other unlucky organizations will realize they’ve been hit with APT’s, or Advanced Persistent Threats, that have been siphoning out valuable information for months or longer, like Intellectual Property, public filings, M&A plans, and other trade secrets. The unluckiest probably won’t realize they’ve been hit in 2018 at all, as attackers access their information as if it were their own. In 2018, a widespread wiper at tack, likely driven by political motivations, will hit at least one government agency and many other organizations. Companies will rethink how they’re protecting their critical information as they continue to realize how porous their perimeters have become.

You’ve Got Mail: Buckle up for a Wild Political Season

All 435 seats in the House and a third of the seats in the Senate will be up for grabs in November 2018. With so much at stake, expect a series of revealing leaks affecting candidates in key congressional districts. At least one candidate will drop out of the race based on the contents of old emails. Multiple incumbents will also be forced out of office.

Thanks to our partner, Varonis for these predictions!


Connect with Secure Sense to protect data, improve your posture and systems 24/7, 365 days a year. If you have questions or want to learn more, please contact Secure Sense by calling 866-999-7506.

You can find Secure Sense on TwitterFacebook,  LinkedIn and now Instagram!