Skip to main content
banner image
venafi logo

Waging Cyber War in 2018: What Will Change?

Waging Cyber War in 2018: What Will Change?

cyber warfare and machine identities
January 18, 2018 | Eva Hanscom

Simply put: cyber criminals were in full force last year. More data was stolen in the first six months of 2017 than in the entirety of 2016. Gemalto’s Breach Level Index found that over 900 data breaches occurred during the first half of 2017, compromising 1.9 billion records. In an even more ominous trend, the number of sophisticated state sponsored cyber attacks increased significantly last year.

According to Jing Xie, senior threat intelligence analyst for Venafi, this explosive development in data exfiltration will continue: “In 2017, attackers working for nation-states focused on efficiency and return on investment, and they were very successful. As a result, we should expect to see escalations and variations of similar attack vectors this year.”

We asked Jing to examine the current arena of nation-state sponsored cyber warfare and she offered these predictions on how attacks will evolve in 2018:

  • Elections will face escalating attacks and threats. We saw numerous state-sponsored social media campaigns that concentrated on fostering public doubt - and fear - during the 2016 U.S. presidential elections. Due to the success of these campaigns, we should expect additional attacks against local and national elections. Some attacks can even utilize fraudulent identities of both humans and machines to steal and leak sensitive nation-state data. Distressingly, these attacks are occurring in elections around the globe.
     
  • Nation-state attackers will maintain their focus on keys and certificates. The ongoing wrestling match between super powers will move from clandestine programs that are largely carried out behind the scenes to more public attacks aimed at critical infrastructure and services. Because vital security assets control encrypted communication between machines, many cyber attacks will leverage compromised or rogue keys and certificates. A nation-state with this power can bombard critical infrastructure through increasingly sophisticated variations of attacks. This type of sabotage of core services was successfully demonstrated using malware such as Stuxnet and Duqu.
     
  • Certificate Authorities may be used as cyber weaponry. Cyber criminals sponsored by nation-states may find ways to exploit the trust models used to control communication between machines. The easiest way to accomplish this would be to attack or manipulate Certificate Authorities and the keys and certificates they issue. If successful, this exploit vector would allow cyber criminals to eavesdrop on a wide range of confidential communications, intercept and redirect encrypted traffic, and target government watchdogs and human rights activists.

“With every major nation-state expanding both offensive and defensive cyber war spending, public and private critical infrastructure and communication providers should expect to be caught in the crosshairs of cyber warfare. As a result of the cumulative impact of powerful spending and attack trends, we should expect to see at least one act of nation-state sponsored cyber warfare that directly impacts citizens this year,” concluded Jing.

How do you think cyber war will evolve in 2018?

Related blogs

Like this blog? We think you will love this.
Intelligent robot looking into the future
Featured Blog

Blockchain May Be Leading Us Toward More Secure Human Authentication. But What About Machines?

Read More
Subscribe to our Weekly Blog Updates!

Join thousands of other security professionals

Get top blogs delivered to your inbox every week

See Popular Tags

You might also like

CIO Study: Certificate-Related Outages Continue to Plague Organizations
White Paper

CIO Study: Certificate-Related Outages Continue to Plague Organizations

Forrester Consulting Whitepaper: Securing the Enterprise with Machine Identity Protection
Industry Research

Forrester Consulting Whitepaper: Securing the Enterprise with Machine Identity Protection

Machine Identity Protection for Dummies
eBook

Machine Identity Protection for Dummies

About the author

Eva Hanscom
Eva Hanscom

Eva is Public Relations Manager at Venafi. She is passionate about educating the global marketplace about infosec and machine-identity issues, and in 2018 grew Venafi's global coverage by 45%.

Read Posts by Author
get-started-overlay close-overlay cross icon
get-started-overlay close-overlay cross icon
Venafi Risk assessment Form Image

Sign up for Venafi Cloud


Venafi Cloud manages and protects certificates



* Please fill in this field Please enter valid email address
* Please fill in this field Password must be
At least 8 characters long
At least one digit
At last one lowercase letter
At least one uppercase letter
At least one special character
(@%+^!#$?:,(){}[]~`-_)
* Please fill in this field
* Please fill in this field
* Please fill in this field
*

End User License Agreement needs to be viewed and accepted



Already have an account? Login Here

×
get-started-overlay close-overlay cross icon

How can we help you?

Thank you!

Venafi will reach out to you within 24 hours. If you need an immediate answer please use our chat to get a live person.

In the meantime, please explore more of our solutions

Explore Solutions

learn more

Email Us a Question

learn more

Chat With Us

learn more
Chat