2015 was full of newsworthy cybersecurity breaches. Hackers revealed the names and credit card details of 33 million people who frequented the online-cheating website Ashley Madison. Researchers demonstrated how incredibly easy it is to remotely control a car over the Internet. And a teenager hacked into the private email account of CIA director John Brennan.
What will 2016 bring in massive cybersecurity news? Here are our predictions.
#1: Hackers Will Target Transportation and Electricity Infrastructure
While the cybersecurity systems of major banks, corporations, and government entities remain fundamentally flawed, the capabilities of hackers continue to rise.
Our first prediction for 2016 is that hacks previously only accessible to large nation states will be carried out more and more by small nation states, organized crime groups, and loose political organizations. Critical compromises will become more frequent, and they will be carried out to extort individuals and corporations, spread propaganda, or gain publicity for the hackers.
Why do we think these hacks are likely? Because information-security awareness at even the most critical levels of public infrastructure is laughably non-existent.
Infrastructure Hacks That Could Happen in 2016:
- A teenager crashes critical computers belonging to the London Underground, causing the Tube’s signal systems to fail during rush hour.
- A criminal group threatens to turn off the power of a big airport unless somebody gives them millions of dollars.
- A political group broadcasts its messages across US highways after hacking into the Amber Alert messaging system.
#2: The Internet of Things Will Prove To Be Disastrous
In 2015, Apple released the Apple Watch, and Teslas received an update allowing them to drive autonomously. This year, many of us will buy our first networked fridges, home CCTV systems, and “smart” thermostats. Many of us will fill our lives with wireless-enabled consumer goods. Many of us will get tangled up with the Internet of Things.
But digital security and privacy in consumer goods is in a horrible state. Companies sell products that lack cybersecurity and were not engineered with privacy in mind. To make matters worse, many consumers are too ill-informed to know they deserve better.
The consequences are not trivial. Just last year, toy company VTech suffered a major breach when hackers accessed the accounts of 5 million users, along with 190GB of private chats and pictures of children. Researchers discovered that a line of fridges from Samsung could grant attackers unfettered access to your Gmail account. And students at the University of South Alabama figured out how to hack a pacemaker.
The issue of privacy and security in consumer goods is complicated by remote access capabilities, the drive to accumulate big data, and the pressure for companies to monetize through advertising. The result? A toxic mix of poor privacy and security practices on the parts of both manufacturers and consumers.
We predict that 2016 will bring to light even more cybersecurity vulnerabilities in consumer goods, proving that the Internet of Things should probably be renamed to the Internet of Threats.
“Internet of Things” Disasters That Could Happen in 2016:
- We discover an underground marketplace where voyeurs and robbers can purchase hacked Wi-Fi camera feeds on a per-hour basis.
- A crime syndicate remotely opens hundreds of garages and house doors in a coordinated heist that overwhelms law enforcement.
- The first child-kidnapping case involving the use of a hacked toy shocks the world.
#3: Someone Will Hack a Big Bank
If you compare the security precautions and policies at major banks with those of Apple, Google, and Facebook, it’s a miracle that large financial institutions don’t suffer from more frequent data breaches.
Major financial institutions are easy targets for hackers because their systems are out of date, and they fail to attract young talent that can help them stay on top of information security. Moreover, telephone banking and compulsory weak passwords limited in length and complexity are vulnerable to social engineering. To make things worse, legacy systems and a lack of HTTPS, combined with outdated and complicated legal restrictions, make IT development at banks a living nightmare. And we don’t need to mention that banks make up the biggest targets for well funded nation states and criminal gangs, given how lucrative and political the collapse of the backbone of our financial infrastructure would prove to be…
Big Bank Data Breaches That Could Happen in 2016:
- Social justice hacking groups disclose the bank account balances and credit card bills of hundreds of politicians, executives, and lobbyists on WikiLeaks.
- Hackers fraudulently transfer millions of dollars that must be reviewed and rolled back manually, creating weeks of delays in pension and wage payments and causing trouble for innocent victims as they fail to pay their bills on time.
- A criminal group finds a way to disable automated backups and holds weeks of financial information hostage.
#4: Encryption Will Become the Standard on Everything
Our predictions for 2016: Whatsapp and Apple will continue to push the use of encryption in their systems, while Google and Facebook will have to concede that their users are uncomfortable sharing private chats with corporations and governments.
At the same time, governments like the UK’s might go so far as to seek a complete ban on encryption systems. But in a globalized and connected world of open-source projects and defiant hardware manufacturers, this political theater will only confirm three things:
- Encryption works.
- Encryption protects our civil liberties.
- Encryption is vital for a secure Internet.
Pro-encryption Breakthroughs That Could Happen in 2016:
- Google releases a tool that makes it easy for everyone to encrypt personal emails and files with PGP. It requires a paid subscription and marks a big step away from Gmail and Google Drive’s ad-driven business models.
- Facebook Messenger merges with Whatsapp and becomes encrypted by default across all devices.
- Major browsers make a move to flag all non-HTTPS connections as insecure, forcing all major websites to embrace the standard or be left behind.
#5: Mesh Networks Will Enter the Spotlight and Become Mainstream
Some of the biggest threats to an open and free Internet don’t come from governments, but from Internet Service Providers (ISPs). Big ISPs have pushed for loopholes in EU net neutrality laws, making it legal to throttle the connection speeds of certain web service operators—unless someone pays. Verizon was caught spying on their users through supercookies, and telecom monopolies threaten the development of a cheaper and faster Internet.
We predict that 2016 will mark the beginning of the end of ISPs. We see a future without large Internet Service Providers. The web will become as decentralized physically as it is virtually.
Private companies and even individuals will not only build but also deploy the next generation of networking equipment. Cables, Wi-Fi, microwaves, satellites, and all kinds of other equipment will deliver high-speed Internet access to places where it is censored, limited, or too pricy.
The private entities operating the equipment will charge miniscule amounts of Bitcoin to route data through their nodes, outside of existing regulation or oversight. These networks will be far more resilient to outages, snooping, and hacking than the Internet as we know it today.
The Networks of the Future will provide citizens with security and privacy, and, in the medium term, unblock Internet access for many parts of this world.
Internet Freedom Advancements That Could Happen in 2016:
- The first Bitcoin router allows you to make money by sharing your Wi-Fi connection with your neighbors and passersby.
- Breakthroughs in commercial spaceflight make pirate satellite Internet available for everyone at a low cost—even North Koreans.
#6: We Will Have Another Big Surveillance Whistleblower
In 1971, Daniel Ellsberg gifted the public with documents that proved President Johnson had systematically lied about the Vietnam War. When the drone papers were leaked by The Intercept in 2015, Ellsberg said:
“I waited 40 years for Chelsea [Manning]. Three more for Snowden. And so it’s wonderful that somebody is telling the truth about this series of crimes. I’m very glad to see it.”
Chelsea Manning had no knowledge of how to leak documents securely, so she wound up in jail. Edward Snowden had to tediously convince journalists to use Tor and encryption methods to leak his documents, and he had to go into exile.
But the whistleblower who revealed the United States’ drone program managed to remain anonymous. It’s highly possible that this individual continues to live in freedom, and it’s also possible that this individual is still employed by the government.
How, then, did the drone whistleblower stay anonymous?
For starters, the public is becoming increasingly informed about encryption and anonymity, thanks in large part to Snowden. It is also easier now than ever before for ordinary people to learn how to use privacy tools like PGP, Tor, and SecureDrop so they can communicate without compromising their identities.
The anonymity afforded by these privacy tools empowers individuals to reveal the wrongdoings of powerful individuals, corporations, and government bodies hellbent on hiding their crimes. It is safer now to spill the beans.
Who will be next to blow the whistle, and what will they reveal? That’s one prediction we can’t make.
But we’re at the edge of our seats.
Featured image: Nikki Zalewski / Dollar Photo Club
Power lines image: Oleksandr Babich / Dollar Photo Club
Microphone image: beeboys / Dollar Photo Club
Vault image: tiero / Dollar Photo Club
Static image: blackboard1965 / Dollar Photo Club
Satellite sunset image: wborodin / Dollar Photo Club
Super girl image: Konstantin Yuganov / Dollar Photo Club