ZDNet

HELSINKI, FINLAND: Social dependency on internet connectivity, the toxic hell stew caused by vulnerable Internet of Things (IoT) devices, and "walled garden" devices will all feature heavily in the future of cybersecurity, an expert has predicted. 

During the SPHERE cybersecurity conference on June 1, WithSecure Chief Research Officer (CRO) Mikko Hypp?nen told attendees that several themes are likely to heavily impact future generations' security alongside how consumer and enterprise devices are managed and protected. 

Dependence on connectivity

"We are living in a technological revolution, although it can be kind of hard to see just how big," Hypp?nen told reporters. "The internet is the best -- and worst -- thing to happen during our time." 

Recommends

The best internet service providers

When you're comparing internet providers, you want the most reliable connection.

Read now

The cybersecurity expert believes that future generations will be just as dependent on connectivity as we are on electricity today. If the electricity grid fails due to a solar storm, for example, Hypp?nen said many countries would feel the sting and potentially collapse due to how reliant we have become on this power source.

One prediction he offered is that while the internet is important today, it has not reached a stage where it is considered crucial for society to function -- unlike electricity. However, the day may come when connectivity powers everything in society, from the economy to food production. So without it, society "wouldn't be able to function."

This also has huge ramifications for security, as internet-connected systems are constantly under attack, new vulnerabilities are discovered, and threat actors continue to evolve their tactics.

"The more advanced a nation is, the more vulnerable it is," Hypp?nen commented.

Internet asbestos 

"In 15 to 20 years, we will look at the decisions today, scratching our heads, and wondering what the hell were we thinking when we decided to connect everything to the same public internet," said Hypp?nen. 

The executive is, of course, talking about the millions, if not billions, of IoT devices connected to the internet today. 

Internet of Things

• The top 6 home automation systems: Put your home on auto-pilot
• Microsoft launches Defender for IoT to protect printers, smart TVs, and more
• The best Amazon Echo speakers: Which Alexa is right for you?
• What is the IoT? The Internet of Things explained

Hypp?nen highlighted the trouble brewing when you have a future filled with devices containing outdated firmware that cannot be updated -- a scenario he calls "IoT asbestos."

While we've considered it a good idea now, we also once thought asbestos was fantastic building material. 

Consumers look at the price tag rather than security when it comes to IoT, and unfortunately, the cheapest products also often lack basic security standards. As a result, we could see a toxic blend of devices connected to the internet, unable to be updated, riddled with security holes for attackers to exploit to create botnets, and more. 

Cybercrime becomes a booming business 

Recommends

The best security key

While robust passwords help you secure your valuable online accounts, hardware-based two-factor authentication takes that security to the next level.

Read now

According to Hypp?nen, over 98% of malware samples scanned by WithSecure daily originate from money-making cybercriminal gangs. 

The "enemy" base has evolved far beyond the development of floppy disk viruses. Threat actors now make a fortune from ransomware and cryptocurrencies, leading to a current -- and future -- scenario when you have wealthy criminals able to invest in their attacks. 

"This changes the game," Hypp?nen said. "The wealthiest and most powerful cybercrime gangs, [for example, Conti] have the manpower to do large-scale attacks."

These so-called "cybercrime unicorns" can afford to invest "serious money" into hiring skilled staff and new technologies for their weapon portfolios. 

Fighting in the artificial intelligence arena 

Now that cybercriminals have the cash to spend, the next stage in their progress is to adopt artificial intelligence (AI) and machine learning (ML) technologies. 

In the future, Hypp?nen believes that threat actors will move on from hiring cybersecurity experts to professionals in the AI field -- and the only reason they haven't already done so is the severe lack of talent in this emerging field. 

Artificial Intelligence

• 8 ways to reduce ChatGPT hallucinations
• AI is transforming organizations everywhere. How these 6 companies are leading the way
• 3 ways AI is revolutionizing how health organizations serve patients. Can LLMs like ChatGPT help?
• If AI is the future of your business, should the CIO be the one in control?

However, as more people enter AI as a career, barriers to entry come down, and it becomes easier to utilize AI frameworks. But "criminal groups can also start competing for these skills," as they have the wealth required to do so. 

As a result, AI will take over the manual labor currently conducted by cybercriminals, turning the cybersecurity battlefield from a fight between the manual labor of threat actors and automated defenses to a clash between the "automatic and automatic."

"The only thing able to stop a bad AI is a good AI," Hypp?nen noted.

Security "by PlayStation"

Another shift in the tech world of note, which is already happening but has room to grow, is what the executive calls "Security by PlayStation."

When you purchase a gaming console, like a PlayStation 5 or an Xbox, you buy a computer but do not have the right to customize it or launch programs that the vendor has not approved. Sure, it is possible to jailbreak a PlayStation and run unsigned code, but this is a difficult task and not one the average gamer will undertake. 

A gaming console, in itself, is a computer used for a narrow set of activities. The enterprise is already beginning to issue staff with devices that are controlled when it comes to program deployment -- including the Apple iPad, Google Android handsets, and Chromebooks. According to Hypp?nen, we should expect to see end user-restricted, "walled garden" computing systems become a common method for improving security. 

What the future holds 

Suppose we follow the current trajectory of technologies becoming faster, more powerful, and cheaper. In that case, Hypp?nen expects that one day -- although not necessarily in our lifetime -- humans will have access to "limitless computing" for something very close to free. 

These computers will have something akin to unlimited power, storage, bandwidth, and memory that will cost basically nothing. 

"What would you build if you had no limits?" he asked. "That's a liberating thought, and I do think we are heading toward a bright future. And that's [from] someone who has spent his life seeing the dark side and fighting the scum of the internet. I'm still an optimist."

Disclosure: Attendance at SPHERE was sponsored by WithSecure. 

Security

8 habits of highly secure remote workersHow to find and remove spyware from your phoneThe best VPN services: How do the top 5 compare?How to find out if you are involved in a data breach -- and what to do next

• 8 habits of highly secure remote workers
• How to find and remove spyware from your phone
• The best VPN services: How do the top 5 compare?
• How to find out if you are involved in a data breach -- and what to do next