Top five emerging trends in cyber security
Dr Adrian Nish, Head of Threat Intelligence at BAE Systems, reveals his cyber predictions for 2019. Adrian regularly advises both businesses and governments on cyber breaches
Here are the top five emerging trends in cyber security, according to Dr Adrian Nish, Head of Threat Intelligence at BAE Systems.
- Bank heists move to real time
Given the record number of cyber heists in 2018, it is likely bank networks will continue to be in the crosshairs of financially motivated threat groups in 2019.
However, there will be changes in how these groups attempt to move money from bank systems to their own hands. Many attacks over recent years have focused on international interbank payment systems. These have a major disadvantage for criminals, in that there is a delay of 24-48 hours before the funds are settled and available to be moved.
This time window allows the authorities time to catch up following an attack and freeze the funds. In 2019 we anticipate attackers will shift to targeting systems that allow real-time settlement of funds - meaning that money can be moved through a network of accounts more quickly and ultimately laundered successfully.
This will present a challenge for the community in terms of the speed of response and international co-operation.
2. The death of the password
How many times over the past year have you had to click a ‘Forgot Password' link? And was that more than the previous year? For all but the geniuses among us, the challenge of remembering individual passwords for dozens of websites and apps is becoming too much to handle.
Add to this the fact that more vendors are following ‘best practice' and forcing use of special characters, increased length, regular password changes; and the task quickly becomes impossible.
Security engineers have long had it in for passwords, and leading tech firms have begun to adopt smarter, more friction-free alternatives.
A ‘survival-of-the-fastest' rule exists for online services, and those presenting a login screen hurdle will find their usage declining as leaders choose new authentication technologies. 2019 could be the year that turns the tide on the scourge of passwords.
3. Anti-AI activists attack
Advances in machine learning and automation are set to bring continued benefits to businesses and consumers alike. However, this is not without costs and risks.
Displacement of workers will lead to social issues; a proliferation of data collection will create privacy and security concerns; and there will be worries that the robots are making too many decisions or taking over (Hollywood has been forewarning us of this for decades…).
In 2019 we may see the emergence of activist groups concerned with the potential for an AI revolution and the negative impacts this may have.
Such groups could begin to deploy tactics to counter robotic systems and AI. For example, putting stickers on road signs to trick sensors in autonomous vehicles resulting in mistakes and potentially even accidents.
4. Bitcoin crashes
The value of anything is only whatever someone else is willing to pay for it. For Bitcoin in 2019 that may well be close to zero.
The Bitcoin bubble is bursting, and a 40 per cent drop in recent months may be foreshadowing even further falls to come next year.
Although there is still promise that crypto-currency could yield benefits for consumers, for example in areas such as speed of transaction and global portability, the recent volatility will scare off both investors and potential corporate users. Without mainstream adoption, the hope of stabilisation will diminish and those who've previously invested will look to sell while they can.
2019 could be a year of reckoning for Bitcoin, but it need not spell the end of crypto-currency generally.
5. Testing times for Regulations
The Panama Papers and subsequent revelations have resulted in greater requirement for regulated industries to Know Your Customer (KYC) and establish Ultimate Beneficial Owner (UBO).
2019 will further put pressure on the sector around KYC but will also see extra constraints due to GDPR. UBO requirements ask for more data to be analysed, but GDPR asks for proportionate data to be analysed.
The regulations are at odds with each other regarding financial crime prevention and we anticipate this will cause more challenges for organisations required to comply with both. This will likely result in test cases to establish how organisations interpret the conflicting needs and potentially even changes in regulations as lessons are learned.