In the constantly changing world of cybersecurity, it can be difficult to make predictions. But with 2018 just around the corner, cybersecurity professionals are taking a serious look at what the future holds.
Recently, Fifth Quadrant attended an event in which Phil Kernick, Founder and Chief Technology Officer at CQR Consulting led a discussion on where Australia's cybersecurity landscape was heading into the new year. Drawing partly on that discussion, we'll now take a quick look at 7 trends in Australian cybersecurity to watch out for in 2018.
1. Artificial Intelligence (AI)
When it comes to cybersecurity, AI is a double-edged sword. On the one hand, automation and machine learning can take care some of the more menial and time-consuming computer security tasks. For example, a Queensland council has just deployed Darktrace, an AI that can analyze typical user behavior and then detect any threatening anomalies.
On the other hand, AI is also being used to improve cyberattacks that are smarter, faster and more targeted thanks to machine learning. Spearphishing attacks, for example, can use AI to pull information from various sources and identify people who may be vulnerable to attack. The rise in using AI to both help and harm will no doubt be a continuing trend in 2018.
With Bitcoin hitting an all-time high and Ethereum bursting onto the scene, blockchain – the technology that is the foundation to them both – is all the rage right now.
But blockchain is more than just the backbone to cryptocurrencies, it also has major applications in cybersecurity. Blockchain offers cryptography that is both more secure and theoretically immutable due to its distributed nature. "The internet was developed by the military for the same reason," senior lecturer at Australian National University Tom Worthington told the Australian Financial Review. "If one node is destroyed, you don't lose everything. Blockchain builds on that idea, with a much greater level of dispersion." Worthington says that civilian blockchain systems are seeing uptake in banks because they are highly secure thanks to cryptographic keys. The government is also using blockchain technology, notably in the Australian Defence Force's HMAS Hobart.
With money pouring into Bitcoin and financial institutions taking notice, we can expect to see a rise in attacks targeted at Bitcoin exchanges and blockchain based systems.
Although major breaches such as Yahoo and Equifax dominate the headlines, Australian organisations are also constantly battling similar attacks. According to CSO, Nine out of every 10 organisations dealt with an attempted or successful cybersecurity breach during the 2015 financial year and 58% of those were successfully compromised.
Kernick points out two major issues facing the Australian government's approach to breaches. The first is that the bar at which a breach becomes disclosable has been raised very high, which means we are less likely to hear about small or medium-sized breaches. The second is that information that is not directly attributable to an individual isn’t personal information following a recent court decision. So even if the information could be linked to an individual through a third party, it isn't strictly classed as personal.
"There will be some breach that will trigger this," Kernick said. "And my guess is it will be a medical practice simply because it has to meet the 'serious harm' bar.
4. The Cloud
According to Kernick, the cloud is now a mature model in which all the little players have dropped out leaving a few giants, namely Amazon (AWS), Microsoft, Google and Oracle. All of these platforms hold many security certifications as they want to make their customers feel as safe as possible. Kernick predicts that an increasing number of companies will migrate to the cloud.
Although cloud services seem secure, it isn't impenetrable and 2018 will likely see even more attacks levelled against them. In fact, just three days after Kernick spoke, ABC disclosed that two years of its data had been leaked from an Amazon S3 cloud service.
"A lot of the value proposition of the cloud, a lot of the attraction is that it is very cost-effective, it is very easy to access and stand up services," security researcher Troy Hunt told ABC News. "That makes it fantastic for doing good things with, but all of those attributes also make it extremely easy to make one little mistake."
5. Human Resources
Human resources is an issue affecting cybersecurity worldwide. According to ESG senior analyst John Oltsik, recent research by ESG revealed that 70% of cybersecurity professionals say the global skills shortage has impacted their organisations.
Kernick says that shortage is being felt in Australia and that roles are being filled by people who lack the proper training or qualifications. "We still hold and keep good people, as do our competitors," he said. "But there's still only a fixed pool." An apparent solution to this is to bring in experts from overseas, but if they are from developing countries they tend to switch jobs quickly when presented with a better offer, Kernick says.
There is also a lack of government support, and although some incentives have been created, Kernick says they tend to favour companies at the "big end of town" rather than small-to-medium organisations. If the situation is to improve, 2018 may see the government upping its investment in Australian cybersecurity.
6. Internet of Things (IoT)
There are currently around 8 billion IoT devices connected to the internet and Gartner predicts this number wil go up to just under 12 billion next year and 20 billion by 2020. These devices range from household appliances to medical devices and toys and come with a whole host of security vulnerabilities.
"IoT is the perfect example of market failure," Kernick noted. "Neither the consumer nor the supplier in any way have a market-driven reason to do security." Although Australia and Europe are adopting a star rating system for IoT device safety, Kernick says the majority of buyers get products from southern China and those products will almost certainly have components that don't comply.
Kernick gave the example of a common chipset found in digital video cameras that "can't be patched and won't be patched" and said that his company had recently traced a cyberattack to a webcam in Sydney that had poor security. With the plethora of IoT devices and the rise in popularity of home assistant products, 2018 will be a big year for IoT cybersecurity.
In the last decade, ransomware has become the most popular tool in the cybercriminals box. According to Kaspersky, mobile ransomware attacks increased over 250% in the first few months of 2017 and continues to rise.
Ransomware is a global cybersecurity issue which also affects Australia. Telstra's Cyber Security Report 2017 found that in the 12 months leading up to October 60% of Australian organisations experienced a ransomware attack. Just under a quarter of Australian organisations were found to have suffered an incident on a monthly basis and it took an average of five hours or more to recover from each attack.
The problem of ransomware incorporates several of the trends already discussed. Bitcoin has become the most widely used payment system in ransomware cases and AI is now being mobilised in the fight against it.
"There are two types of companies: those that have been hacked, and those who don't know they have been hacked," CEO of Cisco John Chambers once said, and that has never been truer than in 2017.
Going into 2018, we can expect to see more breaches, hacks and attacks. But at the same time, cutting-edge technologies such as blockchain, AI and machine learning will be deployed as new forms of resistance in the never-ending battle that’s waged in cyberspace.