2023 is just around the corner, but even now we can catch a glimpse of the future. IT security experts have predicted for WhiteSecure that it will be a year filled with everything from geopolitical IT drama to “2038 problems” and “shallowfakes”. It will be a year when IT security is more important than ever to protect our data and our security. It is important that we stay up to date and protect ourselves against all new threats.
Malware campaigns will move from human speed to machine speed
Malware campaigns will move from human speed to machine speed. The most capable cybercrime groups will use simple machine learning techniques to automate the deployment and operation of malicious campaigns, including automated response to our defenses. Malware automation will include techniques such as rewriting malicious emails, registering and creating malicious websites, and rewriting and compiling malicious code to avoid detection.
“The FAANGs” will end up in bad weather
The FAANGs (Facebook, Amazon, Apple, Netflix and Google) will come under increased scrutiny from regulators around the world, for two reasons. 1).The availability of cloud services; a large-scale, prolonged outage in the cloud service will raise questions about concentration risk. 2). Market failure: AWS, Microsoft or Google will be embroiled in trust issues as users of cloud services become increasingly dependent on the three service providers that control half the global market.
Satellite communications will become a geopolitical target
Private initiatives (eg, Elon Musk’s Starlink network) will be seen as trampling on long-standing international agreements on the exploitation of space, increasing geopolitical tensions. When the geopolitical situation is right, the space powers will hold discussions about creating a geospace treaty to bring order to the management of satellites orbiting the Earth. Until then, they will be targets for cyber crime.
The digital world will become more fragile
The Internet has become a source of vulnerability. 90% of international internet traffic flows through only 436 undersea cables and if several lines are broken there is not much free bandwidth to spare. Financial transactions totaling over $10 trillion are made online every day and cable disruptions would have an immediate effect on the economy, potentially crippling the banking system and halting trade. Cables are easy to sabotage. Expect internet connectivity to be threatened in response to adverse geopolitical events.
Cryptocurrencies such as Bitcoin is a digital money protocol that enables peer-to-peer transactions without the need for a central intermediary. Data mining is a computationally intensive way to prevent fraud and build trust among cryptocurrency users. For example, the Bitcoin network uses as much power as Malaysia or Sweden. Cryptocurrencies will be pushed to provide greener ways to maintain security. Expect to see environmental regulation of computationally inefficient providers of cryptocurrency services, as well as new forms of fraud based on undermining the security method “proof of stake” such as The Etherium Foundation has introduced, which is said to reduce consumption by 100%.
Metaverse will dispel our telecommuting blues
Metaverse – a virtual reality where users can interact in a computer-generated environment with other users. This will increasingly be seen as an alternative to costly offices. New techniques will be developed to communicate a profoundly consistent understanding of complex, multidimensional narratives. Security will follow in the wake of this development and until it catches up, it will be difficult to verify that participants are who they say they are, and that each person is getting a tamper-free and authentic experience.
The year 2038 is closer than we think, so buckle up and start preparing
We are slowly starting to see problems with ‘Year 2038’, where technology plays a big role. The problem can be likened to the year 2000 when computers were predicted to have “year 00” problems, the same applies here, due to a time format bug. Things that can be affected are e.g. the calculation of contract termination dates, warranty expiration dates for major purchases or processes in the industrial world, etc. The initial 2038 problems we will see today and in the next few years until 2038 will have to do with planning, commissioning, public infrastructure and other systems , where future dates must be used. Companies will need to review software used in their
Social networks will continue to have the same problems they have today
Existing social networking companies will continue to inadequately address misinformation, online harassment and the problem that recommendation mechanisms lead many people to believe dangerous conspiracy theories and extreme views.
“Shallowfakes” will continue to prevail over “deepfakes”
There will be further attempts to use deepfakes for disinformation purposes and more convincing videos than today are likely to be created. However, “shallowfakes”, “screenshot tweets” that have not yet occurred, manipulated newspaper headlines, links to fake news articles and misattributed videos will continue to be an increasingly effective and widely used tool for spreading disinformation.
New image synthesis techniques will be used to create fake avatars for social networks
Detecting GAN-generated avatars (avatars produced using a machine learning model) used for fake social media accounts is currently a relatively simple process, given that they are all generated by thispersondoesnotexist.com. A new site implementing the latest image generation techniques will certainly be launched, which will make it much more difficult to detect the use of synthetic images in fake avatars on social media.
Russia will turn into a bandit state, even in cyberspace
On February 24, 2022, Russia became a state that has nothing to lose. It is reasonable to expect that it will become a haven for cybercriminal groups and possibly even state-controlled ones. Currently, Russia has no incentive to restrict or prosecute cybercriminal gangs that attack the “unfriendly states”. Some of the state-sponsored activity can be disguised as “hacktivism” or independent cyber gangs. North Korea is a model for such activities at the state level.
Written by WithSecure’s Mikko Hyppönen, Paul Brucciani, Christine Bejerasco, Tom Van de Wiele, Andrew Patel and Leszek Tasiemski