Constant change is one of the defining factors of the technology and cybersecurity industries. Technology, business, and industry are always evolving, while cybercriminals are always searching for new and innovative ways to attack. While there is no surefire way to account for future developments, some professionals have dedicated time and expertise to predicting the ways in which the current threat landscape and state of technology may lead to issues down the line. The European Union Agency for Cybersecurity (known as ENISA) recently released a report breaking down some of the most pressing concerns for cybersecurity that are likely to arise or become more prevalent in the next several years.
Supply Chain Challenges and Disruptions
Disruptions to supply chains can have a massive economic and social impact, making supply chains a ripe target for cybercriminals.
- Supply Chain Compromise of Software Dependencies: state-sponsored or criminal groups using sabotage, theft, malicious code, or other methods to infiltrate important areas and cause disruptions, malfunctions, and data loss.
- Tampering with Deepfake Verification Software Supply Chain: cybercriminals targeting verification software meant to analyze media for deepfakes, disabling the capacity for detecting deepfake technology.
- Malware Insertion to Disrupt Food Production Supply Chain: attackers using malware to target food production and operations, leading to food shortages and potentially poisoned food products.
The Human Element
While the technological aspect is certainly paramount for cybercriminal activity, it is important to recognize how human behavior plays a part as well.
- Advanced Disinformation Campaigns: state-sponsored groups, criminal groups, and hacktivists using fraud, identity theft, and unauthorized access to spread misinformation for political or financial reasons, leading to mistrust, financial cost, and other damages.
- Human Error and Exploited Legacy Systems Within Cyber-Physical Ecosystems: cybercriminals taking advantage of vulnerabilities in legacy OT systems and using ransomware to disable important infrastructure, leading to malfunction, failures, and physical damage.
- Skill Shortages: cybercriminal actors using knowledge of an organization’s empty positions to launch spear phishing and social engineering attacks, taking advantage of the lack of cyber skills to cause damage.
Bad actors use technological advances to their benefit, taking advantage of any technology they can use to launch or enhance their attacks.
- Rise of Digital Surveillance Authoritarianism/Loss of Privacy: state-sponsored or criminal organizations using advanced surveillance technology, man-in-the-middle attacks, malicious software, and abuse of personal data in order to track and control their targets, leading to privacy breaches and human rights abuses.
- Targeted Attacks Enhanced by Smart Device Data: cybercriminals or hackers-for-hire taking advantage of the abundance of data available from smart devices in order to tailor their attacks to the target, causing financial damage and breaches of privacy.
- Rise of Advanced Hybrid Threats: bad actors utilizing a combination of online and offline tactics in order to carry out attacks, leading to privacy breaches, outages, or malfunctions.
- Artificial Intelligence Abuse: cybercriminals manipulating AI algorithms for means including creating disinformation, exploiting biases, and collecting sensitive data.
- Exploitation of E-Health and Genetic Data: bad actors using vulnerabilities in e-health devices or databases in order to gain access to sensitive and personally identifiable health information.
- Attacks Using Quantum Computing: cybercriminals taking advantage of quantum computing resources in order to launch attacks targeting encrypted data.
- AI Disrupting/Enhancing Cyber Attacks: attackers using AI tools to optimize and maximize their attacks.
Faulty Tech Restricting Abilities
While bad actors can use advanced technology to their advantage by attacking with technologically enabled tactics, they can also exploit vulnerabilities in the technology used by their targets.
- Lack of Analysis and Control of Space-Based Infrastructure and Objects: state-sponsored or hired actors gaining access to space infrastructure and causing malfunctions, damage, or outages.
- Cross-Border ICT Service Providers as a Single Point of Failure: state-sponsored or hired actors using fraud, corruption, theft, or other methods to disrupt ICT providers, leading to widespread damage and outages in critical infrastructure.
- Exploitation of Unpatched and Out-of-Date Systems: bad actors taking advantage of outdated technologies and skill shortages to target unpatched vulnerabilities as a means of infiltration.
- Physical Impact of Natural/Environmental Disruptions on Critical Digital Infrastructure: environmental disasters leading to regional outages, affecting back-ups as well.
- Manipulation of Systems Necessary for Emergency Response: bad actors manipulating emergency response systems in order to overload or disable emergency services.
Blockchains have been rising to prominence in recent years due to the increased popularity of digital currency, and cybercriminals are likely to see blockchain technology as a high-profit and easily exploited target.
- Increased Digital Currency-Enabled Cybercrime: cybercriminal groups taking advantage of the prevalence of digital currency as an investment asset in order to launch more effective and wide-ranging attacks.
- Technological Incompatibility of Blockchain Technologies: the growth of several different blockchain groups culminating in a period of incompatibility between various technologies, impacting operations and creating exploitable vulnerabilities.
- Disruptions in Public Blockchains: widespread implementation of blockchains in public sectors being vulnerable to attack or malfunction due to a lack of security expertise.
Based on the current state and past trends in technology, geopolitics, and the threat landscape, it is possible to envision what factors may lead to potential difficulties in a few years. The report from ENISA details many of the possible issues that can arise from the present situation. With these concerns in mind, we can work to mitigate risks, fortify security, and prevent as many attacks and other incidents as possible.
Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire.