Anti-AI activists and the death of the password: 5 cybersecurity trends for 2019

Dr Adrian Nish

Head of Threat Intelligence, BAE Systems

Author Bio ▼

Dr Nish regularly advises both businesses and governments on cyber issues, with experience both in investigating the technical components of attacks, as well as their socio-political drivers. He recently participated in multinational operations to tackle cyber-criminal groups, as well as leading research into some of the most sophisticated cyber-espionage campaigns disclosed to date. Other research interests include data-driven security, and the emerging discipline of cyber threat intelligence. Adrian is the Cyber Threat Intelligence team lead at BAE Systems and holds a PhD in Physics from the University of Oxford.
December 18, 2018

Sign up to free email newsletters

Download

Dorgard Pro: Holding fire doors open – until the alarm sounds

Dr Adrian Nish, head of threat intelligence at BAE Systems, offers five predictions on how the cyber threat landscape will evolve in 2019.

Dr Nish regularly advises businesses and governments on cybersecurity and boasts experience both in investigating the technical side of attacks as well as their sociopolitical drivers.

He recently participated in multinational operations to tackle cyber-criminal groups and led research into some of the most sophisticated cyber-espionage campaigns to date. Other research interests include data-driven security and the emerging discipline of cyber threat intelligence.

Dr Nish holds a PhD in Physics from the University of Oxford and leads BAE Systems’ cyber threat intelligence team.

1. Bank heists move to real time

Given the record number of cyber heists in 2018, it is likely bank networks will continue to be in the crosshairs of financially motivated threat groups in 2019. However, there will be changes in how these groups attempt to move money from bank systems to their own hands.

Many attacks over recent years have focused on international interbank payment systems. These have a major disadvantage for criminals though, in that there is a delay of 24-48 hours before the funds are settled and available to be moved.

We anticipate attackers will shift to targeting banking systems that allow real-time settlement of funds

This time window allows the authorities time to catch up following an attack and freeze the funds.

In 2019 we anticipate attackers will shift to targeting systems that allow real-time settlement of funds – meaning that money can be moved through a network of accounts more quickly and ultimately laundered successfully. This will present a challenge for the community in terms of the speed of response and international co-operation.

2. The death of the password

How many times over the past year have you had to click a ‘Forgot Password’ link? And was that more than the previous year?

For all but the geniuses among us, the challenge of remembering individual passwords for dozens of websites and apps is becoming too much to handle. Add to this the fact that more vendors are following ‘best practice’ and forcing use of special characters, increased length, regular password changes; and the task quickly becomes impossible.

Security engineers have long had it in for passwords, and leading tech firms have begun to adopt smarter, more friction-free alternatives.  A ‘survival-of-the-fastest’ rule exists for online services, and those presenting a login screen hurdle will find their usage declining as leaders choose new authentication technologies.  Could 2019 be the year that turns the tide on the scourge of passwords?

3. Anti-AI activists attack

Advances in machine learning and automation are set to bring continued benefits to businesses and consumers alike. However, this is not without costs and risks.

Displacement of workers will lead to social issues; a proliferation of data collection will create privacy and security concerns; and there will be worries that the robots are making too many decisions or taking over (Hollywood has been forewarning us of this for decades…).

In 2019 we may see the emergence of activist groups concerned with the potential for an AI revolution and the negative impacts this may have. Such groups could begin to deploy tactics to counter robotic systems and AI.  For example, putting stickers on road signs to trick sensors in autonomous vehicles resulting in mistakes and potentially even accidents.

4. Bitcoin crashes

The value of anything is only whatever someone else is willing to pay for it. For Bitcoin in 2019 that may well be close to zero.

The Bitcoin bubble is bursting, and a 40% drop in recent months may be foreshadowing even further falls to come next year.

2019 could be a year of reckoning for Bitcoin

Although there is still promise that crypto-currency could yield benefits for consumers, for example in areas such as speed of transaction and global portability, the recent volatility will scare off both investors and potential corporate users.

Without mainstream adoption, the hope of stabilisation will diminish and those who’ve previously invested will look to sell while they can. 2019 could be a year of reckoning for Bitcoin, but it need not spell the end of crypto-currency generally.

5. Testing times for regulations

The Panama Papers and subsequent revelations have resulted in greater requirement for regulated industries to Know Your Customer (KYC) and establish Ultimate Beneficial Owner (UBO). 2019 will further put pressure on the sector around KYC, but will also see extra constraints due to GDPR. UBO requirements ask for more data to be analysed, but GDPR asks for proportionate data to be analysed.

The regulations are at odds with each other in regards to financial crime prevention and we anticipate this will cause more challenges for organisations required to comply with both. This will likely result in test cases to establish how organisations interpret the conflicting needs and potentially even changes in regulations as lessons are learned.

Discover the latest in cyber security - join the live conversation

Don't miss the Future of Security Theatre at IFSEC International 2019 - June 18-20, ExCeL London

As Europe's leading integrated security event, IFSEC 2019 is delivering a programme of education dedicated to innovation at the cutting edge of the security industry, courtesy of IFSEC’s education partner Tavcom.

Get your free ticket today to join the CPD-accredited sessions and presentations tackling the critical issues around advancing technologies.

Related Topics

Leave a Reply

avatar
  Subscribe  
Notify of

Sign up to free email newsletters