Ward Solutions, Ireland’s leading information security provider, has announced its cyber security predictions for 2018. Alongside warnings about the continuing arms race between Irish organisations and hackers, Ward forecasts that 2018 will be the year that a full-scale cyber war breaks out between countries. and they also predict that nation states and law enforcement agencies around the world will begin to use cyber tactics offensively.
2017 saw a significant escalation in the number of cyber-attacks levied against nation states, and Ward believes that 2018 will see similar growth in the number of attacks. However, what will change in 2018, according to the information security provider, is how nation states react to cyber-aggression. Many states, including a number of NATO allies, are currently drafting cyber warfare principles, and some agree that cyber-attacks on the part of another nation state constitute an effective act of war.
This justification could see states react with physical force to any virtual intrusion. Ward expects governments to adopt combative cyber strategies tackling both aggressive nation states and state-backed cybercriminals, a strategy that is likely to lead to the emergence of a cybersecurity war.
Ward Solutions also predicts that large swathes of the civilian population will be impacted as cyber-attacks intensify and increase in frequency. It believes that 2018 will see cybercriminals focus their attacks on critical infrastructure, such as national power grids, to destabilise the countries in their crosshairs. Ireland is ill-equipped to deal with this type of attack, according to the company.
Pat Larkin, CEO, Ward Solutions, told Irish tech News: “2018 will see cybersecurity threats increase further in sophistication and the amount of damage that they can potentially cause. Furthermore, as state-sponsored groups increase their attacks on countries’ national infrastructures, civilians could begin to suffer as essential services come under strain. Ireland is particularly unprepared to deal with an attack on our critical national infrastructure, and to protect our interests we need to implement a comprehensive national cyber security strategy as soon as possible.
“There is clear evidence that state-sponsored cyber-attacks are already happening around the world. Continued attacks on nations by cybercriminals will build legitimacy for national cyber response teams, and 2018 marks the tipping point when those targeted nations escalate their response to cyber-attacks, which they now classify an act of war. Cyber-attacks represent a very real threat to national security, and so expect countries to devise official coordinated defensive responses, utilising both cyber and physical, military force to protect their interests.
“We would expect certain nations to go on the offensive against hackers and launch coordinated cyber campaigns to disable them before they have the chance to strike. Offensive cyber strategies will become a key element in countries’ national defence plans, helping them to prevent attacks.”
As Artificial Intelligence (AI) and Machine Learning (ML) technologies become more prevalent, cybercriminals will start to embrace them and use them to supplement their attacks circumventing the advanced cybersecurity tools employed by businesses. At the same time, companies will also embrace AI and ML to bolster their defences and protect their assets. This will lead to an ongoing arms race between criminals and organisations, as both threats and defences increase in complexity.
General Data Protection Regulation (GDPR) will also remain a key priority for Irish companies in 2018, according to Ward, especially until the deadline for compliance arrives on 25th May.
Pat Larkin commented: “GDPR awareness will reach its zenith in the first few months’ of 2018, with the regulation itself set to come into force on May 25th. It is likely that punitive examples will be made of large organisations who will be fined heavily for failing to comply with the legislation. The focus on GDPR compliance will also drive the need for an overarching framework that will enable companies to maintain compliance with information security standards going forward.”