Looking back at the evolution of cyber attacks, it’s clear that cyber attacks are changing and getting more sophisticated.
I am confident that cyber attacks will continue to increase, continue to grow more sophisticated, and continue to exploit new ways to profit from cyber crime.
Here are my predictions for some of the new threats that will emerge in the future of cyber attacks and cyber crime.
Criminals will find newer, better ways to keep control over the machines they’ve infected. Currently, when a hack is discovered it’s usually well known how to clean the machine and eliminate the infection.
Future attacks will maintain their presence and be harder to clean off. To do this, they will plant additional backdoors and keep themselves embedded even when IT tries to clean them off.
One way to do this would be to locate backups and infect those as well. Presently, backups that were done while the system was clean are not infected and IT can trust that going back to the clean backup will remove the infection.
It won’t be that easy to recover from an infection any more once the hackers figure out how to infect the backup files as well. Once that happens, it won’t be safe and easy to restore from backup to clean up an infection.
If the backup can’t be infected, then the backup files will be deleted so that either way restoring from good backups isn’t an option for getting rid of the infection within your network.
Other types of burrowed hacks could include hacks that open ports on the firewall so that future break-ins are easier.
Sleeper hacks are hacks that stay dormant for a long time, making it impossible to know when the machine was originally hacked.
Similar to burrowed hacks, this makes them harder to clean off because IT won’t know how far back to go to restore clean backup files.
So if a network is infected in January, but the hack doesn’t activate until April, all of the backups between January and April are infected.
When IT notices the problem in April and tries to clean it up, they won’t know that the infection has been there for months and won’t restore an old enough backup to get clean files. This will result in the infection continuing to exist on the network, probably going back into sleeper mode so that IT will assume it’s cleaned off. Meanwhile, it’s still on the network and infecting additional months of backups until it activates again.
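The "how far back do we restore?" question above can be answered from backup manifests once responders have a hash for the malicious file. The following is an added example, not part of the original post; it assumes each backup has a manifest mapping file paths to SHA-256 hashes, and the function names, paths and hash values are hypothetical.

```python
from datetime import date

# Constructed sample data: monthly backup manifests (path -> SHA-256).
# The hash values are placeholders, not real indicators.
IMPLANT = "a" * 64
CLEAN_A, CLEAN_B = "b" * 64, "c" * 64
BACKUPS = [
    (date(2024, 4, 15), {"/srv/app.bin": CLEAN_A, "/tmp/.cache": IMPLANT}),
    (date(2023, 12, 15), {"/srv/app.bin": CLEAN_A, "/srv/lib.so": CLEAN_B}),
    (date(2024, 2, 15), {"/srv/app.bin": CLEAN_A, "/var/lib/upd": IMPLANT}),
    (date(2024, 1, 15), {"/srv/app.bin": CLEAN_A, "/var/lib/upd": IMPLANT}),
    (date(2024, 3, 15), {"/srv/app.bin": CLEAN_A, "/var/lib/upd": IMPLANT}),
]

def first_infected(backups, bad_hashes):
    """Date of the oldest backup containing any known-bad hash, or None.

    Matching is on content hash, so a file that was renamed or moved
    between backups is still found.
    """
    for taken, manifest in sorted(backups, key=lambda b: b[0]):
        if bad_hashes & set(manifest.values()):
            return taken
    return None

def restore_candidate(backups, bad_hashes):
    """Return (first_infected_date, restore_date).

    restore_date is the newest backup taken before the indicator first
    appears. It is None when every retained backup already contains the
    indicator, meaning retention does not reach back far enough.
    """
    dates = sorted(taken for taken, _ in backups)
    first_bad = first_infected(backups, bad_hashes)
    if first_bad is None:
        # Indicator absent everywhere: the newest backup is the candidate.
        return None, (dates[-1] if dates else None)
    older = [d for d in dates if d < first_bad]
    return first_bad, (older[-1] if older else None)

if __name__ == "__main__":
    print(restore_candidate(BACKUPS, {IMPLANT}))
```

A backup that lacks the known hash is only "not known bad", so the candidate still needs verification before it is trusted. A `None` restore date is the signal that backup retention is shorter than the dormancy period.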
Hacker agents are machines inside a network that work to infect other machines but otherwise don’t do anything suspicious or malicious themselves.
Because they don’t exhibit the normal behaviors of infected machines, they won’t be easily detected and you will assume they’re safe.
However, they’ll be working to infect other machines on your network including machines which have been recently cleaned of infection.
Hacker agents will actively work to spread infections within a network without being detected so that they can continue to exist on the network and spread future infections even after IT attempts to clean things up on the network.
Future hacks will combine existing approaches to spread faster and be more resilient against eradication efforts.
One combination hack could consist of multiple devices working together (for example server and firewall both hacked). By working together, there is a higher chance that clean up attempts will miss something which can then re-infect the network.
Other combination hacks will include elements of existing hack types to make a hybrid that is harder to remove, for example: burrowed and sleeper hacks combined.
Mobile devices joining botnets
Smart phones, iPads, tablets, etc. are Internet-connected computing devices. It’s only a matter of time before these devices are targeted by viruses and Trojans the way PCs and servers are today.
Once that happens, cyber criminals will begin recruiting these devices into botnets the way PCs are today.
These mobile devices will join the existing botnet armies already made up of PCs and servers plus increasingly more internet devices like DVRs, routers, IP cameras, smart home devices, and everything else that will make up the Internet of Things.
Cell phones that are in botnets will be under the control of the bot master running them. This will enable the bot master to spam out SMS messages using the smartphones they control.
Imagine getting a text message from your friend telling you to check out a website or use a special coupon they’re sharing with you.
When you click the link, you’re taken to whatever website the bot master wants. It could be a legitimate site or it could be a phishing site where all the data you enter goes straight to the cyber criminals.
Or they could just use the messages to send out advertisements or messages designed to influence.
Imagine if millions of spam SMS messages were sent around the time of an election that were geared towards influencing the election.
By bashing one candidate or praising another, these messages would attempt to sway the opinions of Americans to vote the way the cyber criminals want them to vote.
Since any kind of text message could be sent, the uses are endless.
SMS fraud is another form of SMS spam; in this case the messages either have a direct effect or cost the sender money.
For example, there are many polls or votes conducted today where you can vote via SMS message. (One example is the TV show, “The Voice” where you can vote for your favorite contestant by texting a message to a specific number.)
If hackers take over enough mobile phones, they can use SMS fraud to control the outcome of these polls.
One other scenario is to make your phone send SMS messages to services that cost you money. Without you even being aware of it, your phone could start sending text messages to a number that causes a charge to occur on your bill each time.
Spread out over enough phones, even just one or two of these messages sent by each phone could add up to thousands and thousands of dollars for the criminals.
And with only a few messages each month, it would probably go unnoticed by most people as their phone bill wouldn’t change significantly.
SMS denial of service attacks (SMSDOS)
Just like denial of service attacks on the Internet, SMS denial of service attacks would use the power of many hacked mobile devices all sending messages to the same target(s) to swamp those targets with an overwhelming number of messages.
Imagine if you are the target of one of those attacks and suddenly your phone is getting thousands of text messages per minute.
It would be horrible! Your text message alert sound would be going off like crazy. Your phone would be buzzing like mad. It will be practically unusable due to having to react to the constant stream of incoming text messages. Certainly you wouldn’t be able to send a message out via text message. You probably couldn’t even use your phone to make a call, surf the Internet, or use your email. And it would drain your battery.
Just like with Internet denial of service attacks, SMS denial of service attacks would be nearly impossible to stop because the attack is coming from so many sources all over.
Capturing SMS messages
Many electronic security processes today rely on sending an SMS message to you for verification. One example is when logging into your online banking account, the bank may send you a text message to verify you’re really you.
Once your phone is hacked, criminals will be able to capture these security codes. It may even be possible for them to hide them from your phone so you can’t even see them.
That would effectively allow the hackers to attempt logging into your bank account and bypass the security check without you even knowing about it.
AI and machine learning
This isn’t as specific as my previous predictions but I still foresee this happening in the not-so-distant future.
Any tool that is created can be used for bad or good. Artificial intelligence and machine learning are no different.
These same tools that are making our lives easier and computers more useful will be used by criminals against us.
Machine learning and artificial intelligence will enable criminal systems to get smarter and smarter, predict human behavior, adapt in the cases they can’t predict, and possibly even imitate a human to trick us into letting our guard down.
The example I’ll give is extreme today but very possible in the future.
By hacking into your phone and analyzing your text message history, machine learning could identify your most trusted contacts. Then using SMS fraud, an artificial intelligence pretends to be you and sends messages to your most trusted contacts communicating back and forth with them in an effort to trick them into giving up sensitive information like their bank account, SSN, passwords to various services, etc.
If you got a text message from your husband or wife saying, “What’s the PIN on our debit card again?”, how many of us would answer without a second thought?
Probably too many.
Tools can be used for good and for bad
As our lives become increasingly digital, connected, and automated we are more and more dependent on technology. With the increase in power of our electronic tools comes both an increase in benefits and an increased risk. For like all tools, they can get used for doing good and for causing harm.
– Weston Henry
What does the future of Cybersecurity look like to you?
Do you agree or disagree with my predictions?