Forecasts Developments in Adversarial Machine Learning, Ransomware, Serverless Apps, Connected Home Privacy, and Privacy of Child-Generated Content
McAfee released its McAfee Labs 2018 Threats Predictions Report, which identifies five key trends to watch in 2018. This year’s report focuses on the evolution of ransomware from traditional to new applications, the cybersecurity implications of serverless apps, the consumer privacy implications of corporations monitoring consumers in their own homes, long-term implications of corporations gathering children’s user-generated content, and the emergence of a machine learning innovation race between defenders and adversaries.
“The evolution of ransomware in 2017 should remind us of how aggressively a threat can reinvent itself as attackers dramatically innovate and adjust to the successful efforts of defenders,” said Steve Grobman, Chief Technology Officer for McAfee, LLC. “We must recognize that although technologies such as machine learning, deep learning, and artificial intelligence will be cornerstones of tomorrow’s cyber defenses, our adversaries are working just as furiously to implement and innovate around them. As is so often the case in cybersecurity, human intelligence amplified by technology will be the winning factor in the ‘arms race’ between attackers and defenders.”
The report reflects the informed opinions of dozens of McAfee thought leaders from McAfee Labs, McAfee Advanced Threat Research, and members of McAfee’s Office of the CTO. It examines current trends in cybercrime and IT evolution, and anticipates what the future may hold for organizations working to take advantage of new technologies to both advance their businesses and provide better security protection:
- An adversarial machine learning “arms race” will develop between defenders and attackers.
- Ransomware will pivot from traditional extortion to new targets, technologies, and objectives.
- Serverless apps will save time and reduce costs, but they will also increase attack surfaces for organizations implementing them.
- Connected home device manufacturers and service providers will seek to overcome thin profit margins by gathering more of our personal data—with or without our agreement—turning the home into a corporate store front.
- Corporations collecting children’s digital content will pose long-term reputation risks.
In a competitive app environment where “stickiness” easily becomes “unstuck,” the most enterprising, forward-looking apps and services will recognize the brand-building value of making themselves a partner with parents in this education effort.
In the corporate world, McAfee predicts that the May 2018 implementation of the European Union’s General Data Protection Regulation (GDPR) could play an important role in setting ground rules on the handling of both consumer data and user-generated content in the years to come. The new regulatory regime impacts companies that either have a business presence in EU countries, or process the personal data of EU residents, meaning that companies from around the world will be compelled to adjust the way in which they process, store, and protect customers’ personal data. Forward-looking businesses can leverage this to set best practices that benefit customers using consumer appliances, content-generating app platforms, and the online cloud-based services behind them.
“The year 2018 could well be remembered most for how we finally started to tackle data protection and for whether consumers truly have the right to be forgotten,” said Vincent Weafer, Vice President at McAfee Labs. “The large-scale gathering of personal information and user generated content opens consumers up to the risk of data misuse, abuse, and even compromise. Irresponsible service providers can overindulge in the gathering and monetization, allowing user privacy to be carried away by market forces, data to be compromised, and user reputations threatened years into the future. GDPR makes 2018 a critical year for establishing how responsible businesses can pre-empt these issues, respecting users’ privacy, responsibly using consumer data and content to enhance services, and setting limits on how long they can hold the data.”
