Using Patterns to Predict the Next Cyber Threats

I’ve been watching cyber threats unfold for several decades and they seem to form patterns. By fitting a model to past data, I can slide my pencil along the resulting line to extrapolate which threats are approaching. My graduate students will recognize this method as linear regression in machine learning. I’m just doing it here by hand. But I digress.

You will see in my comments below that I am using this pattern method to predict some hideous stuff. And during Omicron and yet another lousy New York Knicks season, I don’t wish to be piling things on. But the patterns point where they point – and I feel it’s my duty as a TAG Cyber analyst to share what’s coming. So here you go:

Pattern 1: Worms

In 1988, we saw the first worm. We all stewed for a time about how this might lead to some real problems. And fifteen years later, we saw a rash of worm programs rip through the Internet causing all sorts of havoc. Slammer, Blaster, and Nachi were noteworthy. Worms waned because hackers just found better tools. A good worm would still work today.

Pattern 2: Bots

In 1999, we saw the first botnets – or at least that’s when I first started getting worried. In March of 2000, a bunch of websites saw little test DDoS attacks, but it was not until about a decade and a half later that Iranian hackers caused all sorts of layer 3/7 havoc for US banks. DDoS attacks have not stopped. We just look the other way. Mostly.

Pattern 3: Ransomware

In 2008, we all started to get itchy about cryptocurrency (when we were not trying to guess who Satoshi was). Underground use of bitcoin to peddle weed signaled bad things ahead, and now that we’ve hit a decade and a half later (give or take), we struggle with ongoing cryptocurrency-enabled ransomware. This, like all other threats, will wane. Sort of. Mostly.

Pattern 4: ICS Attacks

In 2010, we saw Stuxnet. This futuristic campaign by the US and Israel located an Iranian centrifuge and spun it out of control. It was an amazing attack. My prediction is that by 2025, we will see a rash of similar ICS attacks targeting factories, manufacturing, transportation, and so on. This is just where the pattern line drags my pencil. We should all be ready.

Pattern 5: AI

In 2013, Stuart McClure visited AT&T’s mysterious fortress on Thomas Street to explain to me how Cylance was using AI for cyber. In the ensuing years, ML, DL, and CV became de rigueur for cybersecurity, mostly for defense. Count out fifteen years to 2028, and we will see AI weapons used as the perfect learning offense. This will be scary stuff, and China will lead. I’m certain.

Pattern 6: Cyber Wars

We haven’t seen much real evidence of cyber warfare. Dorothy Denning’s 1999 book showed how cyber could complement modern warfare. And the 2007 Estonian skirmish was chilling. But I predict that we’ll see the first real cyber war battles in 2023, which would push a real cyber war to about 2037. The US, Russia, and China will be involved. And the US will lose.

Final Point:

Some advice for my fellow Americans: Your ten-year-old will be twenty-five in 2037. This is a prime age for her to be defending our nation in a cyber war. If you want to help address this looming threat of the US losing a cyber war in 2037 – well, the answer is simple: Set this article down and go help with her math homework. And do it now. 2037 is fast approaching.

PS: I welcome your comments, but please don’t worry about correcting the dates. I’ve trimmed things a bit here and there – just like in a good machine learning algorithm.