As promised earlier, here is the second part of my trend report a little earlier than stated. Tomorrow I will publish the Appendix with some or the sources I have used to compile this report. Suggestions and feedback are more than welcome.
Bitcoin is gaining a large market capitalization and acceptance among merchants. The underlying infrastructure, blockchain, is gaining traction in all segments of the society, not only within finance. Regulation in this field could both be an inhibitor and a driver of adoption. The main three driving forces are the diaspora and refugee streams, Internet of Things and the robotization of the Internet. The three inhibiting forces are a plummeting trust in bitcoin, feeling of a new ”.COM” bubble and the uninterested/uninformed user of the intended services.
The cyber threat landscape has evolved into a sophisticated money-making venture. Statistics from UK suggests that the cyber crime alone is larger than all other crime combined. By the transformation of payments and the underlying infrastructure in other areas, the innovation by the criminals will secure new income streams by cyber criminality.
Cyber Security Scenarios to come?
I have outlined a high-level graphic that illustrates the evolution of Cyber threats in figure 1.
Figure 1. Evolution of the Cyber threats: Vectors & motivations
What I am trying to illustrate in a very crude way is the evolution of the threat landscape from ”simple” viruses developed by curious academics to present-day stealth attack vectors developed for maximum effect. The motivation of todays adversaries are not so academicly curious. Instead, we se state-sponsored initiatives to gain advantage on the Internet and/or get hold of intellectual property to be by targeting R&D efforts. US IP theft is said to be the ”greatest transfer of wealth in history”, accounting for billion $300 annually [The IP Commission ”IP Theft Report 2013”]. Also, the organized criminals in mafia-like structures find new ways of income by innovating in the ”art” of cyber crime.
The Office of National Statistics (ONS) in the UK has included cyber crime for the first time in its statistics for the period ending in march 2016 [”Crime in England and Wales: year ending mar 2016”]. In the statistics data I interpret the cyber-related criminality to be as high as all other crimes combined. If this should be the case world-wide it is easy to make some probabilistic assumptions about cybercrime developments in the future by taking a historical look at the development so far. In general over the suggested probabilistic scenarios I do the assumption that fraudulent activities will continue to increase.
Probabilistic consumer scenario
During the last decade cyber criminals have been effective in harvesting technologies that rely upon phishing schemes. As consumers get more aware of the risks associated on the Internet when using computers, the more efforts goes into other areas. Smartphones of today are powerful computers, but very few consumers perceive them that way. So, we are seeing more targeted attacks on the smartphones.
As time passes by we will see more and more form factors that have both computing power and are networked. Watches, glasses, health gadgets and digital wallets are gaining more and more ground. New ways of interacting with those devices are introduced or under development. This means that consumers will interact with their computing environment in new manners, leaving the field open for innovative ways to commit fraud. Instead of links in e-mails I believe that the criminals will find new ways to lure us in fraudulent schemes.
Since our devices are all connected to databases, storage networks and collect incredible amounts of behavior/geolocation data, they will be the perfect entrance point to those treasures. By successfully exploiting health data, banking details and profiling a person the criminals will be able to both commit traditional frauds, but also do some more extortion schemes beyond ransomware11.
Probabilistic enterprise scenario
More amounts of company data will be distributed over many different providers who deliver services in the cloud. The data that companies rely upon ”in-house” will be serviced by even more automated and virtualized environments that, in turn, are interconnected with the services that live in the cloud. More and more of the workforce have developed big data analytical capabilities and major programs are developed to aid in possible transitions to robotics and artificial intelligence. Mapping of historical data, ongoing conversations and behaviors are performed to aid the transition. Pilot projects are set-up to automate the marketplaces serving every specific industry. By the use of smart agents and smart contracts the business case is to minimize human intervention and maximize profits by cutting marginal costs.
For the adversaries there are opportunities to tap into new ways of wealth transfer. One apparent tactic would be to introduce rogue and passive agents in any kind of automated industrial market mesh network. This way, they will gather intelligence on patterns and streams of communications and also proved means to do some reconnaissance and find weaknesses to exploit later on. The smart adversary understands that automation usually means that humans place to much trust in the system and thus will have windows of opportunity to steal valuables.
Consumer technology advancements will surely find places within the corporate environments, meaning that vulnerabilities in new form factors and user interactions will open new threats. This will drive the separation of information from devices and identified users. A new breed of information protection lifecycle technologies will be developed. The potential for blockchain technology in this field should be apparent.
Probabilistic blockchain scenario
Today companies like Google and Facebook earn a lot of money by leveraging everything they ”know” about its users. We accept giving up our digital personas for free services or apps and contribute to the wealth of many companies, and sometimes crooks. The more computerized and networked gadgets we use the amount of profile data that we leave as a trail grows exponentially. Is it far-fetched to believe that new areas of ”gray area” exploitations will grow in the same manner?
I sense the future potential of blockchain infrastructure to provide trust and authenticity to the information that is propagated. The examples that I can ”see”:
- By leveraging a combination of Creative Commons and a Digital IP ledger every user can enforce a set of properties that are cryptographically signed. Properties could be in the form of privacy information, ownership of creations or similar
- Contributor incentives in form of micro-payments when delivering some value in a network of networks.
Wrapping it all up
It is challenging to sum up all different signals gathered during a 3 month research in a single trend report and make some substantial prediction and analysis. But in an attempt to wrap everything up there are some more substantial signals to point at, than others.
- Cryptocurrencies are gaining market capitalization and acceptance
- Blockchain infrastructure is proofing itself as a foundation upon which trust and authenticity can be built
- Criminals and other adversaries are tapping into the shift and innovating on how to keep their income streams coming
- Blockchain needs to be proofed over time, but one consequence of the infrastructure could be privacy enhancing in the future.
Ross, Alec (2016). The industries of the future, Simon & Schuster
Brynjolfsson, Erik & McAfee, Andrew (2014). Den andra maskinåldern – arbete, utveckling och välstånd i en tid av lysande teknologi, Daidalos
Hines, Andy & Bishop, Peter (2006). Thinking about the Future – Guidelines for Strategic Foresight, Washington D.C. Social Technologies
ISBN: 097893170X, 9780978931704
Tapscott, Don & Alex (2016). Blockchain revolution – How the technology behind Bitcoin is changing money, business, and the world, Penguin Canada
Pasquale, Frank (2015). The black box society – The secret algorithms that control money and information, Harvard University Press