We’re excited to bring Transform 2022 back in person on July 19 and pretty much July 20-28. Join AI and data leaders for insightful conversations and exciting networking opportunities. Register today!
Predicting cyber threats was an elusive goal. Unlike in healthcare, where early diagnosis can be used to predict and hopefully prevent disease, cybersecurity has never had a reliable means of determining whether an attack is imminent. This is especially true for isolated cyber breaches, such as data theft, which are often decided on a whim.
That said, it has recently been noticed by this author that certain historical patterns to do that can be used to predict large-scale cyber threats. Unfortunately, as will be shown below, analysis and extrapolation of the patterns suggest an inconvenient progression to a major global cyber war† Let’s go through the relevant patterns.
Threat Pattern 1: Worms
In 1988, the first worm was created by a student for the innocent purpose of determining whether such a program could work. This was followed by a long period of minimal worm activity, but was interrupted in 2003 by a major outbreak of worms such as Slammer, Blaster and Nachi. These worms significantly disrupted important business activities.
The pattern here was that an initial small scale attack occurred in 1988, followed by 15 years of relative calm, which ended with a significant large scale attack in 2003. Worms are still a cyber threat, but not much has changed in their design since 2003. Worms are now back in a period of relative rest.
Threat Pattern 2: Botnets
The first botnet appeared in 1999, followed by a similar attack in March 2000. This was followed by a period of relative calm in design innovation for DDoS attacks. For example, the attack volume remained relatively constant until 13 years later, when Iranian hackers launched a series of massive layer 3/7 DDoS attacks on US banks.
Again, the pattern was that an initial small scale attack took place in 1999, followed by 13 years of silence, which ended with a large scale event in 2012. Like worms, botnets also still pose a security problem, but they haven’t undergone many significant design changes since 2012. Botnet design is also in a relatively quiet period these days.
Threat Pattern 3: Ransomware
In 2008, a paper by the anonymous Satoshi introduced Bitcoin. That year, nearly half of all Bitcoin transactions were initiated for nefarious purposes. Little has changed in the way cryptocurrency was used for illegal activities for about 11 years until about 2019, when cryptocurrency-enabled ransomware exploded as a massive problem.
Again the first small scale threat emerged in 2008, followed by 11 years of relatively constant abuse, culminating in a ransomware explosion large scale issue. Ransomware remains a problem, but the basic mechanism and approach have not changed much since 2019.
Threat Pattern 4: ICS Attacks
In 2010, electronic attackers launched the Stuxnet attack on a nuclear processing facility in Iran. This futuristic campaign focused on a centrifuge and let it spiral out of control, causing a lot of physical damage. Since then, we have seen relatively few spikes in the intensity of ICS attacks, despite a 2015 attack by Russia on Ukraine’s energy infrastructure.
Using our pattern analysis we can start with the small scale Stuxnet incident in 2010, add about 14 years and predict a massive eruption of large scale ICS attacks are coming in 2024. It is likely that ICS attacks will occur with the frequency and inevitability of ransomware today. The potentially serious consequences of such attacks cannot be underestimated.
Threat Pattern 5: AI
In 2013, Cylance was one of the first innovators in applying artificial intelligence (AI) to cybersecurity issues. In the following years, AI techniques such as machine learning have become de rigueur for cybersecurity, especially for defense. Few major advances have been made in this area over the past decade, other than vendors building AI products.
Using our pattern analysis, we can start with: small scale application of AI in 2013, add about 14 years, and predict that large scale AI security incidents will occur in 2027. It seems reasonable to expect that such innovation will lead to the use of AI for cybercrime. China seems well suited to take on such threats.
Threat Pattern 6: Cyber Wars
Dorothy Denning’s 1999 book showed how cybercrime could complement conventional warfare, and the 2007 Estonian cyber incident was disturbing indeed. However, the first real cyber war battles have yet to take place. For example, we have never seen significant loss of life as a result of cyber warfare.
Our definition of cyber war is that cyber attacks are used as a primary means to accomplish the ultimate mission of the war fighter. This includes using cybercrime to kill people, damage or destroy infrastructure, and claim ownership and control over the cities and regions of a nation-state adversary.
So you might expect the first real cyber war to take place between Russia and Ukraine later in 2022. If we add 14 years to this impending event, we can predict that a large-scale global cyberwar will take place in 2036. The US, the European Union and China are likely to be involved.
Cyberwar: The Implication of Predictive Modeling
Our analysis suggests that organizations need to start preparing for ICS attacks, AI-based offensives and a global cyber war. While such depressing events can bring a moment of pause, looking back at the progress of cyber threats from innocent hackers to nation-state actors is equally troubling.
Cyber readiness guidelines are beyond the scope of this, but risk reductions can be achieved by the following: First, cybersecurity education needs to be improved to expand the skilled workforce. Second, inflexible hardware components must be replaced by more virtualized software. And third, the cyber infrastructure needs to be simplified. Complexity always equals uncertainty.
Loving Ed is founder and CEO of Tag Cyber.
DataDecision makers
Welcome to the VentureBeat Community!
DataDecisionMakers is where experts, including the technical people who do data work, can share data-related insights and innovation.
If you want to read about the very latest ideas and up-to-date information, best practices and the future of data and data technology, join us at DataDecisionMakers.
You might even consider contributing an article yourself!
Read more from DataDecisionMakers