What cybersecurity trends will 2019 bring?

What does 2019 have in store for us? In 2018, the world of cybersecurity certainly saw its share of surprise cyberattacks, zero-day attacks, and other methods ranging from the new to the familiar. In an attempt to forecast the trends for 2019, we've gathered information on weak signals, combined with the latest industry analyses and the opinions of our experts. We've managed to identify four trends in the form of scenarios which are likely to shape cybersecurity over the coming year. No need for a crystal ball...

Cybercrime as a new social phenomenon

The situation in 2018...

In early 2018, two researchers discovered significant vulnerabilities at petrol stations in the United States, which had enabled criminals to deactivate petrol pumps, redirect payments and steal customers' card numbers. This technique was repeated in other cases, such as in the north of France, where an individual was caught red-handed in October 2018.

In March 2018, Guillaume Poupard, the Director General of ANSSI, raised concerns regarding the protection of the entire chain of energy actors - including consumers - during a speech before the French National Defence and Armed Forces Committee.

What 2019 could bring...

What if tomorrow's hackers target everyday consumer goods and widely-used services? Citizens' solutions to issues such as recent rises in costs of living and energy may well fall outside legal frameworks. Using petrol pumps for free could then become a far more frequent activity than it is today.

Meanwhile, and similarly to the Sciences Po hack in France, prestigious schools entrance exams or mid-year university exams could become sources of profit. Administrative bodies and examiners would not be engaging in corruption, but more and more candidates would be preparing to hack servers where model answers are stored. These would likely not involve sophisticated hacking operations, but students who have mastered the art of social engineering. This new generation of hackers may be able to access tests, by combing through the online lives of their victims or simply via phishing operations, before selling them to the highest bidder.

A corrupted update on a reliable server

What's happened so far...

In 2018, two researchers demonstrated how to compromise corporate networks by hacking into Windows Server Update Services and replacing security patches with malware. Facebook and Google were also affected in 2018 by major security breaches, reinforcing their image of IT giants with feet of clay.

In May 2018, fake Android mobile applications for the Fortnite game were launched, carrying malware such as bitcoin mining applications.

By 2017, certain sources were already suggesting that the ransomware NotPetya had initially been spread via updates for the accounting software MeDoc, available on the server of the solution's Ukrainian publisher.

What 2019 could bring...

For optimal protection, it is recommended to always have the latest available version of a software or application. But what if this update is itself corrupt? Responding to this new cybersecurity recommendation, hackers may create a new form of malware: a sophisticated, silent ransomware, capable of bypassing sandbox mechanisms before infecting an update for a universally trusted server such as the App Store or the Google Play Store. After some deliberation they might choose an application to which 1.3 billion users have arguably become addicted: "Messenger".

After several hours, the Facebook, Apple and Google teams would realise and provide users with a patch. But the hackers might have already thought to integrate a function into their ransomware that disables the application in the event of any updates. Internet users, by in an emotional strain caused by the fear of missing out, might then find themselves paying the ransom to continue receiving their daily notifications...

Botnets at the service of artificial intelligence

What happened in 2018...

In 2018, hackers used botnets not only to conduct conventional denial-of-service (DoS) attacks, but also to hack into information systems. Other hackers infected around 100,000 home routers through email advertising operations. One group in particular created a system of three botnets designed to generate fake traffic on fake websites, through which they were able to earn real advertising revenue – and scam Google in the process.

Meanwhile, late 2018 was marked by numerous data breaches, with those experienced by Facebook (with a breach of more than 200 million users), Quora (100 million) and Marriott (500 million) ranking among the top ten largest data breaches of the year. At the very beginning of 2019, around a hundred politicians and public figures were also affected by similar attacks in Germany.

Finally, 2018 also saw a surge in the prevalence of artificial intelligence, which has been drawing a great deal of attention in cyberspace. And the IBM adverts of November 2018 seem to have finally transformed it from a mere buzzword into a genuine opportunity.

What 2019 could bring...

What if the major botnets of the future aren’t used to for destructive purposes, at least not immediately? To exist, artificial intelligence must be provided with a continuous and exponentially-growing amount of data. In the case of artificial intelligence used for malicious purposes, this data could be samples of behaviour of the targeted company’s employees. Faced with the problem of retrieving this data, what could be better than a botnet capable of scanning large numbers of servers, email exchanges, and other digital networks of employees connected via their workstations?

Hackers will no longer necessarily seek a place in the rankings of the largest data breaches of the year, instead aiming to make the greatest use of the smallest amounts of data. Tomorrow’s botnets could then be used to provide malicious artificial intelligence with data, and thus teach them to better exploit and influence these behaviours, with the cyberattacks of the future becoming increasingly automated as a result.

After having copied the behaviour of certain members of the management committee, email exchanges with the CEO or a chat session with the company’s financial director could convince even the most sceptical of minds. Phishing operations thus have the potential to become more efficient than ever...

Blurring the distinction between the digital and the physical

What happened in 2018...

With the emergence of the Internet of Things, hackers are increasingly carrying out attacks on individuals. In 2018, the extent of data breaches reached new heights. Ranging from login details to medical data and biometrics, the quantity of stolen data now measures in the hundreds of millions, if not billions.

In January 2018, the physical dimension and relevance of this data shocked the general public after a sports application revealed the geolocation of American military bases in the Middle East.

What could happen in 2019...

Throughout recent data breaches such as those that marked 2018, hackers have been directly using Big Data and drawing inspiration from the marketing rules of targeted advertising to heighten the effectiveness of their attacks. ‘Spearphishing’ thus enables increasingly targeted and precise cyberattacks. And with connected objects, this information is no longer solely digital, as it takes on an undeniably physical nature. Information such as email addresses and credit card details will increasingly be replaced by physical data, ranging from real-time location and daily commutes to one's heart rate – information that enables individuals’ lives to be systematically profiled and their privacy compromised.

Hackers may then acquire the ability to analyse data in large groups and identify activities that are dubious in nature (such as adultery or visits to pornographic sites), if not illegal. With this information, all they will need to do is blackmail their victims. Far from phishing emails that may border on parody, ransom requests (which could become physical in nature) will be substantiated and well-documented.