American Institute of Aeronautics and Astronautics

    2018 Forecast for Cybersecurity

    What can we expect in 2018 with regard to all things “cybersecurity”? What will really be new, or different, compared to recent years? Below, we offer Good Harbor’s forecast for 2018. The point of these “predictions” is not to place bets about what is likely to happen. Some of these predictions will come true, and some will not; keeping score is not the point. Instead, we make these predictions to expand our thinking on cybersecurity, to highlight issues that deserve more attention than they have received so far, and to expect, and prepare for, the unexpected.

    1. Hackers will seek to undermine confidence in diverse public institutions, as Russia did with several countries’ elections. The investigations into hacking and foreign interference in the 2016 U.S. Presidential Election have yet to subside. There is increased scrutiny on the U.S. electoral system. The media are also under pressure. In 2018, we will see adversaries — foreign and domestic — attempt to degrade public confidence in other public institutions, such as law enforcement, intelligence, or regulatory agencies, by continuing to seed the Internet with false information.

    2. In the U.S., Governors and state legislatures will lead the way on passing laws related to privacy and data security, while Congress will contemplate but not pass a national data breach law. A national data breach law will be debated in Congress, but the current Congress is unlikely to pass new regulations on business. States, led by governors who spent the last year at the National Governors Association (NGA) focused on cybersecurity, will move faster. In 2017, Good Harbor and NGA co-authored the Governor’s Guide to Cybersecurity as part of the NGA’s Meet the Threat initiative.

    3. Hacking will become an Olympic (or World Cup) sport. The 2018 Winter Olympics will take place in Pyeongchang, South Korea, and the 2018 FIFA World Cup is slated to take place in Russia; both are international hotspots with friends and foes who are active in cyberspace. A significant hack will affect one of these global sporting events, and phishing campaigns will feature both of them. So, when you are offered free streaming of a World Cup game at a website you don’t recognize, watch out!

    4. A cyber attack will feature prominently as U.S.-DPRK tensions escalate. North Korea is increasingly capable in cyber operations and North Korean hackers have made numerous attempts to establish themselves within U.S. critical infrastructure. The 2014 North Korean hack of Sony was devastating for the company. Kim Jong Un has ignored the world’s demands to suspend the development of the DPRK’s nuclear and ICBM programs, increasingly inflaming tensions with the West. Both sides know that if a shot is fired it could lead to nuclear war, so either the U.S. or DPRK may find that a cyber attack is a more desirable option given current circumstances.

    5. Rise of the third-party identity providers. As some countries move towards vetted identities in combination with multi-factor authentication at a national level, we will continue to see more private identity providers online, beginning a transition away from national ID numbers, such as Social Security numbers, being used for authentication. These intermediaries play a trusted role between users and services to verify that the user is in fact who they say they are. Though Facebook and Google are the most well-known third-party identity providers at this time, we will see new players emerge specifically for enterprise customers.

    6. A discussion on biometric data security will rise to national prominence. Biometric authentication is proliferating, specifically in mobile devices, but the security of biometric data held by companies and devices has largely not been debated or regulated. While some providers including Apple have created allegedly highly secure forms of biometric authentication, others lack similar cryptographic and hardware-based controls on fingerprint, facial, and other forms of biometric data.

    7. One political campaign will hack another in the 2018 U.S. midterm elections. The 2016 U.S. election highlighted the impact that leaks of correspondence or sensitive documents can have on public sentiment and political campaigns. With the current accessibility of hackers-for-hire on the dark web, it stands to reason that a candidate, or more likely an over-eager staffer, may try to steal the credentials of a rival campaign in a last-ditch effort to swing the polls.

    8. Behavioral threat analytics will feature in cybersecurity solutions, including being incorporated into Managed Detection and Response (MDR) platforms. Identifying normal and anomalous user and asset behavior, especially with the support of machine learning, is a growing trend in cybersecurity that speeds threat detection and incident response. Behavioral threat analytics will dovetail well with orchestration products and the trend of outsourcing detection and response to more sophisticated third-party security service providers.

    9. Lackluster cryptocurrency wallet security will push regulators to provide basic safety and standards for this emerging market. Many cryptocurrency wallets remain insecure when compared to online banking systems or other financial platforms. Customers’ wallets are regularly hacked and emptied due to the lack of sufficient security, especially vis-à-vis multi-factor authentication. This lack of security will likely prompt regulators or legislators to classify cryptocurrency wallet providers as banks, forcing them to comply with a litany of onerous regulations which will aid in securing their customers’ funds, or to otherwise regulate them. Some wallet providers will shift their operations off-shore.

    10. A wiper malware hack will penetrate the back-up systems of a major company, making data recovery impossible or significantly delayed. Recovery is a central element of most enterprises’ cyber resilience and risk management efforts. With the advent of more disruptive malware, such as ransomware and wiper malware, back-ups are at risk, too. In 2018, a major company will experience a cybersecurity incident, turn to its back-up to execute recovery, and find that the back-ups are compromised, too.


    In addition to the predictions above, several topics and trends will continue to be important and deserve honorable mentions: cybersecurity as a factor in M&A diligence and transactions; the cloud as a base of operations or vector for attacks; cybersecurity technology solutions as the weak link, opening the door to enterprise breaches; DDoS attacks increasing in frequency and severity; the spread of extortion, especially but not limited to ransomware; the proliferation of tactics, techniques, and procedures to more malicious actors; software that has passed end-of-life as a source of major problems; a major cloud services provider having a significant failure, whether prolonged outage or security incident, that affects countless enterprises and individuals; and more CEOs or executives “resigning” in the wake of breaches for having managed security inadequately or for covering them up.