Webroot Security Predictions 2018

Ransomware / Malware

• Backups will not prove enough to stop ransomware as hackers find ways to subvert this strategy.  –  George Anderson, director of product marketing, Webroot
• Malware campaigns will use AI to make secondary infection decisions based on learning from previous campaigns.  –  Gary Hayslip, chief information security officer, Webroot
• Will see the first prolific script-based ransomware.  Malware will move away from PE (portable executable files) and into shell codes and other avenues of attack.  Authors will try to infect users outside of PE files. – Eric Klonowski, senior advanced threat research analyst, Webroot
• Security solutions will broaden their scope to consume events system wide vs per-process and per-thread level detection to capture disjointed attacks such as multi-processed ransomware.  – Eric Klonowski, senior advanced threat research analyst, Webroot
• We will see the first health-related ransomware targeting devices like pacemakers.  Instead of ransom to get your data back, it will be ransom to save your life.  – Eric Klonowski, senior advanced threat research analyst, Webroot
• The age of programmable malware will rise – with malware kits able to morph their purposes depending on the intent of those who launch them.  The same “shell” code will be able to launch ransomware, DOS, and email bot campaigns.  – Hal Lonas, chief technology officer, Webroot
• People will be injured or killed in 2018 due to a cyberattack / cyberterrorism – moving beyond money and intellectual property to physical harm as the objective and outcome.  One could argue that this has already occurred with NSA leaks and been kept hush hush within nation / states, but private citizens will soon become targets.  (how’s that for gloom and doom?) –  Hal Lonas, chief technology officer, Webroot

Breaches:

• Predicting at least 3 separate breaches of at least 100 million accounts. I bet the data is already breached as of right now, but the organization is unaware and will learn next year. – Tyler Moffitt, Senior Threat Research Analyst, Webroot
• Cybercrime for hire: There will be a high profile case of a Cyber hit job being taken on a company or high profile individual.  Basically a 3rd party paid for breach or hit on a reputable organization to steal info, defame or attack in a nefarious way another legitimate organization.  This is another way to monetize by offering services for hire to attack or steal from a competitor, individual or organization that someone would like to see exposed/breached. – Frank Price, vice president, product, Webroot

Biometric Security

• Continued growth in biometric services and devices with usernames and passwords becoming the legacy choice for authentication. – Paul Barnes, senior director product strategy, Webroot
• We will see the first biometric-access-based exploits using facial recognition or fingerprint access. – Eric Klonowski, senior advanced threat research analyst, Webroot

Government / Security

• Consumer fightback – 2018 will see major a major backlash (maybe class action lawsuits) from consumers, requiring more regulations around data protection especially in the US. – David Kennerley, director of threat research, Webroot
• An increase in Nation state cybersecurity breach activity as “cold war” like activity continues to escalate.  Where countries and organizations (i.e. ISIS) will actually invest more into both defensive and offensive tech and skills to gain access to information that can be leveraged in numerous ways.  I think we have only seen the early days of what’s possible and likely here. – Frank Price, vice president, product, Webroot
• Discoveries of election meddling and social media tweaking will be an economic drag on some of the biggest tech giants in the industry – and be cause for further scrutiny on securing devices, networks, and communications channels and verifying identity.  The tradeoffs between free speech and open digital access and convenience will become ever more apparent.  – Hal Lonas, chief technology officer, Webroot
• State sponsored service breach of critical infrastructure leading to loss of life and an extended timeframe to return to normal operations.– Paul Barnes, senior director product strategy, Webroot

Infosec job market

• Further adoption of AI leading to automation of professions similar to Insurance underwriters, tax clerk and credit analysts. Also, AI will begin to move into the forefront for social engineering, to quickly highlight susceptible targets for adversarial attacks. – Paul Barnes, senior director product strategy, Webroot
• CISO positions become more critical and move out of the CIO’s shadow. –  Gary Hayslip, chief information security officer, Webroot
• CISO role will become mandated for all organizations that are doing business with the Federal Government. –  Gary Hayslip, chief information security officer, Webroot
• Diversity in Cyber will stay static until there is Government involvement.–  Gary Hayslip, chief information security officer, Webroot

Mobile

• Will see the first major malware infection in Android App Store. – Christopher Cain, associate malware removal engineer, Webroot
• We will see the first widespread worming mobile phone ransomware, perhaps spread by SMS / MMS.  – Eric Klonowski, senior advanced threat research analyst, Webroot
• Ransomware is moving to be destructionware. I expect we will see this more on mobile platforms. –  Gary Hayslip, chief information security officer, Webroot

Cryptocurrency

• Bitcoin will be outlawed by many governments to avoid the financial ‘bubbles’ and ultimately fraud we’ve seen in the past – untraceable money is in no one’s interest except criminals – George Anderson,  director of product marketing, Webroot
• Malware distribution will rise in fall in conjunction with Bitcoin Value.  –Christopher Cain, Associate Malware Removal Engineer, Webroot
• Another major breach on Cryptocurrency exchange will lead to substantial decline in Bitcoin value and other major cryptocurrencies, further government involvement will be seen with regulations beginning to form to remove some of the original core principles around anonymity to reduce fraudulent use. Banks will be first to create a regulated currency followed by Russia and China and possibly followed by the big 5 tech companies – Apple (augment ApplePay), Google (augment Android Pay), Amazon, Facebook and Microsoft. – Paul Barnes, senior director product strategy, Webroot

UK / Brexit / GDPR

• UK based companies targeted for phishing/spear phishing on the fall-out from Brexit. Targeting with specific messaging concerning Brexit and CISO type topics –Nick Emanuel, director of product, Webroot
• Companies who trade with the European Union will suddenly panic over the requirements for GDPR and just encrypt everything in a knee jerk response – Jonathan Giffard, senior product manager, Webroot
• Due to Equifax, I expect a variant of GDPR will be legislatively enforced on vendors here in the US. –  Gary Hayslip, chief information security officer, Webroot
• GDPR challenges for service companies to comply with leading to major loss of business as service provider are fined and customers shift to those services that attain compliance. – Paul Barnes, senior director product strategy, Webroot

Security Industry

• Security subscription service offers from traditional retailers will expand – BBY Total Tech Support being a great example. – Andy Mallinger , director of product, global consumer segment, Webroot
• On the consumer front I think we’ll see the early days of a resurgence of the security opportunity as consumers begin to realize they need to spend to protect themselves, not go the free route.  Especially after the Equifax breach and more mainstream media covering cyber security related topics. – Frank Price, VP of product, Webroot
• Pressures on the Security vendors to prove their breach resilience will highlight vendors with poor practices, highlighted in global press, not just tech publications. – Paul Barnes, senior director product strategy, Webroot
• Google will block all insecure websites from being indexed and loading into browsers, with additional security checks on websites to ensure security. Also, the continued adoption of certificate pinning will mean that content inspection services will be less effective and DNS based web security will be primary. – Paul Barnes, senior director product strategy, Webroot

IoT

• Legislation will require IoT manufacturers to be responsible for producing products without known defects. –  Gary Hayslip, chief information security officer, Webroot
• NIST (national institute of standards and technology) will develop some type of IoT security control framework to use as a baseline for deploying these technologies. –  Gary Hayslip, chief information security officer, Webroot
• Data collected from IoT devices will be aggregated and used to develop an even larger more involved picture of customers’ habits – major loss of privacy without notification.  –  Gary Hayslip, chief information security officer, Webroot
• Mass IoT breach spanning consumers and businesses, like the Mirai botnet, this time with little ability to remediate based on attack disabling hardware and demanding ransom. – Paul Barnes, senior director product strategy, Webroot
• Pressures on ISPs to secure connected devices within the home will lead to network security being added as a core service for the consumer. – Paul Barnes, senior director product strategy, Webroot

MSPs

• MSPs reduce security vendors, focus on those who can provide features customers want and can show reportable value. – Jonathan Giffard, senior product manager, Webroot
• MSPs struggle to meet the security and compliance needs of their customers leading to a growth of SMB focussed compliance services and pressures on MSPs to evolve into Security experts. Also, Cyber insurance premiums will increase based on increased risks posed by increased attacks and low prevention capabilities. – Paul Barnes, senior director product strategy, Webroot