Dr Nish regularly advises businesses and governments on cybersecurity and boasts experience both in investigating the technical side of attacks as well as their sociopolitical drivers.
He recently participated in multinational operations to tackle cyber-criminal groups and led research into some of the most sophisticated cyber-espionage campaigns to date. Other research interests include data-driven security and the emerging discipline of cyber threat intelligence.
Dr Nish holds a PhD in Physics from the University of Oxford and leads BAE Systems’ cyber threat intelligence team.
Given the record number of cyber heists in 2018, it is likely bank networks will continue to be in the crosshairs of financially motivated threat groups in 2019. However, there will be changes in how these groups attempt to move money from bank systems to their own hands.
Many attacks over recent years have focused on international interbank payment systems. These have a major disadvantage for criminals though, in that there is a delay of 24-48 hours before the funds are settled and available to be moved.
We anticipate attackers will shift to targeting banking systems that allow real-time settlement of funds
This time window allows the authorities time to catch up following an attack and freeze the funds.
In 2019 we anticipate attackers will shift to targeting systems that allow real-time settlement of funds – meaning that money can be moved through a network of accounts more quickly and ultimately laundered successfully. This will present a challenge for the community in terms of the speed of response and international co-operation.
How many times over the past year have you had to click a ‘Forgot Password’ link? And was that more than the previous year?
For all but the geniuses among us, the challenge of remembering individual passwords for dozens of websites and apps is becoming too much to handle. Add to this the fact that more vendors are following ‘best practice’ and forcing use of special characters, increased length, regular password changes; and the task quickly becomes impossible.
Security engineers have long had it in for passwords, and leading tech firms have begun to adopt smarter, more friction-free alternatives. A ‘survival-of-the-fastest’ rule exists for online services, and those presenting a login screen hurdle will find their usage declining as leaders choose new authentication technologies. Could 2019 be the year that turns the tide on the scourge of passwords?
Advances in machine learning and automation are set to bring continued benefits to businesses and consumers alike. However, this is not without costs and risks.
Displacement of workers will lead to social issues; a proliferation of data collection will create privacy and security concerns; and there will be worries that the robots are making too many decisions or taking over (Hollywood has been forewarning us of this for decades…).
In 2019 we may see the emergence of activist groups concerned with the potential for an AI revolution and the negative impacts this may have. Such groups could begin to deploy tactics to counter robotic systems and AI. For example, putting stickers on road signs to trick sensors in autonomous vehicles resulting in mistakes and potentially even accidents.
The value of anything is only whatever someone else is willing to pay for it. For Bitcoin in 2019 that may well be close to zero.
The Bitcoin bubble is bursting, and a 40% drop in recent months may be foreshadowing even further falls to come next year.
2019 could be a year of reckoning for Bitcoin
Although there is still promise that crypto-currency could yield benefits for consumers, for example in areas such as speed of transaction and global portability, the recent volatility will scare off both investors and potential corporate users.
Without mainstream adoption, the hope of stabilisation will diminish and those who’ve previously invested will look to sell while they can. 2019 could be a year of reckoning for Bitcoin, but it need not spell the end of crypto-currency generally.
The Panama Papers and subsequent revelations have resulted in greater requirement for regulated industries to Know Your Customer (KYC) and establish Ultimate Beneficial Owner (UBO). 2019 will further put pressure on the sector around KYC, but will also see extra constraints due to GDPR. UBO requirements ask for more data to be analysed, but GDPR asks for proportionate data to be analysed.
The regulations are at odds with each other in regards to financial crime prevention and we anticipate this will cause more challenges for organisations required to comply with both. This will likely result in test cases to establish how organisations interpret the conflicting needs and potentially even changes in regulations as lessons are learned.
