Predictions made by NCC Group cybersecurity consultants and researchers regarding the evolving technology and security landscape span diverse areas, including AI, quantum computing and cyberwarfare.
Alejandro Rivas-Vasquez, global head of digital forensics and incident response, highlighted several concerning trends. “The growing use of artificial intelligence (AI) and machine learning (ML) for offensive cyber tactics, combined with escalating geopolitical tensions across the world, makes it increasingly likely that we are seeing another NotPetya-type cyber event,” he warned.
“NotPetya showed how tools like EternalBlue, which were originally developed by intelligence agencies, could be weaponized to cause widespread damage. While the initial target was Ukraine, the impact grew is ultimately being spread indiscriminately Geopolitical tensions are now stronger and more widespread in different regions, presenting a danger Global dependence on digital systems and cloud-based services has increased since the pandemic. of COVID-19, while that supply chain vulnerabilities have increased significantly.
“With our level of interconnectivity now much higher, we must expect collateral damage from attacks with unintended consequences outside of conflict zones. Artificial intelligence and machine learning can improve the speed and accuracy of cyber attacks and it appears that nation states are already developing offensive capabilities using these technologies.
“The combination of the effectiveness of such attacks, their widespread consequences, and the application of lessons learned from NotPetya makes this prediction highly plausible.”
Bobbie Walker, Managing Consultant, shared her perspective on the future of cybersecurity related to implantable technology, noting: “Over the next five years, cybersecurity will expand beyond protecting digital systems to achieve direct protection of people through implantable technology. Neural interfaces, bio-augmentation, authentication chips and advanced medical implants will revolutionize our interaction with technology, but will also introduce significant risks.
Walker warned of possible abuse: “Hackers could exploit neural interfaces to control actions or manipulate perceptions, leading to cognitive manipulation and violations of personal autonomy. Continuous monitoring of health and behavioral data using implants raises significant privacy concerns, with risks of misuse by malicious actors. or invasive government surveillance.
“To mitigate these risks, new frameworks linking technology, healthcare and privacy regulations will be essential. “Digital bioethics” standards and ISO standards for bio-cybersecurity will help define safe practices for integrating technology into the human body while addressing ethical dilemmas. “.
Product Manager Alessia Oliveri commented on developments in the field of quantum computing and the associated cybersecurity implications. “The race to develop quantum-safe approaches and algorithms will intensify, with significant efforts directed toward quantum decryption. This battle will shape the future of cybersecurity, as defensive and offensive capabilities rapidly evolve,” he said. predicted Oliveri. Additionally, she expressed concerns about “dark AI markets” where “the technology is leveraged for dual purposes, automating attacks, scams and threats” poses serious challenges for cybersecurity professionals.
Reflecting on advances in brain-computer interfaces, Andy Davis, Global Director of Research, said that “as brain-computer interfaces (BCI) become more sophisticated, protecting neural data will become an essential aspect of cybersecurity. The development of advanced encryption and access control mechanisms to prevent unauthorized access to individuals’ thoughts, emotions, and memories will likely evolve to address the ethical and privacy concerns associated with the protection of neural data.
Deputy Director of Business Research Jon Renshaw expressed concern about the impact of AI-based ransomware and quantum computing on crypto. “A breakthrough in quantum computing could lead to the development of quantum computers capable of breaking current cryptographic algorithms. This scenario is akin to the Y2K bug, where we know that a transition to post-quantum cryptography is necessary, but the exact timing is uncertain,” he explained.
Security management consultant Dr Liz James focused on vulnerabilities in vehicle fleets and cloud systems. She predicts that an increase in “cyberattacks will increasingly target vehicle fleets and cloud vulnerabilities, shifting the focus from organizational assets to product fleet management systems.” Cybersecurity consultant Josh Waller predicts that industrial operators will “start to reduce the integration of OT, ICS and SCADA systems with broader enterprise networks” to guard against evolving threats.
Abhijeet Udas, executive principal consultant, predicts an increase in attacks on 5G devices, saying that “the use of connected cars in cyberattacks or other malicious activities could have catastrophic consequences.”
Senior advisor Paul Vlissidis predicted a significant data breach due to the adoption of generative AI, serving as a “wake-up call, highlighting the urgent need for robust AI security measures.” Kerby Bacotot, associate technical architect, echoed concerns about the potential for AI exploitation, which “will likely lead to stricter regulations defining the boundaries and limits of these technologies.”
David Brauchler, CTO, anticipated new challenges in consumer AI and envisioned the emergence of “agenic AI, capable of interpreting user instructions and executing actions autonomously ”, which “would lead to new security challenges”.
Finally, Ray Robinson, Director of OT, commented on the convergence of security and cyber risk assessments. “Security operations centers (SOCs) will merge monitoring of OT and IT threats and vulnerabilities, creating a unified approach to security.” Robinson highlighted the convergence of physical and cyber security measures to comprehensively protect assets and information.
