In little over a decade, cybercrime has moved from being a specialist and niche-crime type to one of the most significant strategic risks facing the world today, according to the World Economic Forum Global Risks Report 2019. Nearly every technologically advanced state and emerging economy in the world has made it a priority to mitigate the impact of financially motivated cybercrime.
The global experience of the past decade has largely been dominated by the emergence of a professional underground economy that provides scale, significant return-on-investment and entry points for criminals to turn a technical specialist crime into a global volume crime. The cybersecurity landscape in the past decade has been shaped by the targeting of financial institutions, notably with malware configured to harvest payment information and target financial platforms. The early cybercrime market that gave rise to the criminal online ecosystem was centred on the trading of harvested stolen credit cards, and some of the most high-profile and sophisticated global attacks focus on the penetration and manipulation of the internal networks of complex global payment systems.
The Russian-speaking world has not been immune from these trends. Cyberattacks on financial organizations in Russia, Central Asia and Eastern Europe by some of the most sophisticated cybercrime gangs in the world have targeted clients, digital channels and networks. The Russian-speaking underground economy is one of the most active globally, with hundreds of fora and tens of thousands of users. Criminal groups exploit the margins of co-operation to conduct global campaigns, and their threat capacity is always adapting as groups work together in a borderless environment to combat technical defences.
The past 10 years mark only the start of the global cybersecurity journey. New architectures and cooperation are required as we stand at the brink of a new era of cybercrime, which will be empowered by new and emergent technology. These three technologies might very well define the next 10 years of global cybersecurity:
A new generation of 5G networks will be the single most challenging issue for the cybersecurity landscape. It is not just faster internet; the design of 5G will mean that the world will enter into an era where, by 2025, 75 billion new devices will be connecting to the internet every year, running critical applications and infrastructure at nearly 1,000 times the speed of the current internet. This will provide the architecture for connecting whole new industries, geographies and communities — but at the same time it will hugely alter the threat landscape, as it potentially moves cybercrime from being an invisible, financially driven issue to one where real and serious physical damage will occur at a 5G pace.
5G will potentially provide any attacker with instant access to vulnerable networks. When this is combined with the enterprise and operational technology, a new generation of cyberattacks will emerge, some of which we are already seeing. The recent ransomware attack against the US city of Baltimore, for example, locked 10,000 employees out of their workstations. In the near future, smart city infrastructures will provide interconnected systems at a new scale, from transport systems for driverless cars, automated water and waste systems, to emergency workers and services, all interdependent and — potentially — as highly vulnerable as they are highly connected. In 2017, the WannaCry attack that took parts of the UK’s National Health Service down took days to spread globally, but in a 5G era the malware would spread this attack at the speed of light. It is clear that 5G will not only enable great prosperity and help to save people’s lives, it will also have the capacity to thrust cybercrime into the real world at a scale and with consequences yet unknown.
To build cyber defences capable of operating at the scale and pace needed to safeguard our digital prosperity, artificial intelligence (AI) is a critical component in how the world can build global immunity from attacks. Given the need for huge efficiencies in detection, provision of situational awareness and real-time remediation of threats, automation and AI-driven solutions are the future of cybersecurity. Critically, however, the experience of cybercrime to-date shows that any technical developments in AI are quickly seized upon and exploited by the criminal community, posing entirely new challenges to cybersecurity in the global threat landscape.
The use of AI by criminals will potentially bypass — in an instant — entire generations of technical controls that industries have built up over decades. In the financial services sector we will soon start to see criminals deploy malware with the ability to capture and exploit voice synthesis technology, mimicking human behaviour and biometric data to circumvent authentication of controls for people’s bank accounts, for example. But this is only the beginning. Criminal use of AI will almost certainly generate new attack cycles, highly targeted and deployed for the greatest impact, and in ways that were not thought possible in industries never previously targeted: in areas such as biotech, for the theft and manipulation of stored DNA code; mobility, for the hijacking of unmanned vehicles; and healthcare, where ransomware will be timed and deployed for maximum impact.
To combat these emerging threats, biometrics is being widely introduced in different sectors and with various aims around the world, while at the same time raising significant challenges for the global security community. Biometrics and next-generation authentication require high volumes of data about an individual, their activity and behaviour. Voices, faces and the slightest details of movement and behavioural traits will need to be stored globally, and this will drive cybercriminals to target and exploit a new generation of personal data. Exploitation will no longer be limited to the theft of people’s credit card number, but will target theft of their being — their fingerprints, voice identification and retinal scans.
Most experts agree that three-factor authentication is the best available option, and that two-factor authentication is a must. ‘Know’ (password), ‘have’ (token) and ‘are’ (biometrics) are the three factors for authentication, and each one makes this process stronger and more secure. For those charged with defending our digital future, however, understanding an entire ecosystem of biometric software, technology and storage points makes it still harder to defend the rapidly and ever-expanding attack surface.
Over the past decade, criminals have been able to seize on a low-risk, high-reward landscape in which attribution is rare and significant pressure is placed on the traditional levers and responses to crime. In the next 10 years, the cybersecurity landscape could change significantly, driven by a new generation of transformative technology. To understand how to secure our shared digital future we must first understand how the security community believes the cyberthreat will change and how the consequent risk landscape will be transformed. This critical and urgent analysis must be based on evidence and research, and must leverage the expertise of those in academia, the technical community and policymakers around the world. By doing this, the security ecosystem can help build a new generation of cybersecurity defences and partnerships that will enable global prosperity.