The Forecast for 2018 – cryptocurrencies targeted, trust eroded, and a battleground shift


Trevor Reschke Head of Threat Intelligence

A cyber security blog without New Year’s predictions is like a vulnerability without an exploit. So, we put our heads together to come up with what we at Trusted Knight see as five of the more interesting online threats of this coming year, and how we see these impacting security teams across the board:

Crypto hungry cyber criminals will diversify beyond Bitcoin. 2017 was the year of the great Bitcoin bull run, its value shot up and it gained credibility as a legitimate currency. Unfortunately, this also increased its value to cybercriminals. This is evidenced in everything from malware-writers building specialist scripts to search and steal bitcoin, to massive exchange hacks. However, dragged up by Bitcoin’s value, other altcoins and crypto currencies have begun to emerge and gain value. Expect cyber criminals to take advantage of this in every way possible – from demanding payment in more anonymous crypto-currencies (making it easier to cash out) to targeting the exploding number of exchanges trading in these so-called ‘altcoins.’

Information confusion will erode trust but increase vigilance. The cyber security space will not be isolated from the broader societal trend of people questioning every piece of information they are now presented with. Information previously and painlessly presented as fact is now open to interpretation. This may have a positive impact for the average person on the street, forcing them to question scams, phishes and questionable links. However, on a macro level it is already starting to fracture a once unified vendor / security researcher landscape, which has historically been united around a common goal of fighting threats. Increasingly, researchers are questioning the approach of vendors and exposing holes in their technology, working on the premise that all companies need to be held accountable for their data security. On the flip side, vendors operating in fear of less-ethical researchers publishing vulnerabilities without responsible disclosure are working around the clock to make sure best practices are being followed, patches are being developed and quickly issued.

Exponentially more connected things = exponentially more risk. This one speaks for itself. The Internet has already established itself as the primary interface between people and the daily services they use – providing countless opportunities for online scams, crimes and other malicious activity. Now, this is fast being extended to a countless number of non-sentient elements of day to day life. With everything from trash cans to cars being connected – threat actors have a whole new set of ways to cause harm and disruption to the world. One they will doubtlessly seize for their own gain.

Automation euphoria will decrease, with fatigue setting in. The past year was one where machine learning (ML) and artificial intelligence (AI) ceased to be the preserve of the elite few cyber security vendors who hired a select number of brains out of the Ivy League. Mass market AI and ML are now here and every point of layered defense now touts an intelligent algorithm. However, with that comes a growing realization that automation still needs to be trained to be effective. It is not as ‘set and forget’ as many security teams may think when the box is opened, which can ultimately leave things more exposed if the implementation is not done properly.

The battleground will shift for malware writers trying to steal login details. For the past few years, the war between companies with an online presence and cyber criminals has been fought using malware on the devices of the average Joe. To extend the metaphor, this is a bit like a static defending army trying to repel a never-ending and highly mobile enemy, while blindfolded. In short, a losing game. 2018 starts with a paradigm shift on the horizon, as companies take the initiative to move the battleground from the end-point into the cloud where it is possible to isolate individual customer sessions. The early adopters of this approach will be those with the most to lose, namely banks and perhaps high-volume ecommerce companies.