Ten years ago, zero-day exploits were incredibly rare and very expensive for cyber threat agents to do. They were as complex as NASA programs. There were maybe four or five countries that could exploit them (US, China, Russia, the UK, North Korea and Israel).
By 2015 up to one hundred and twenty countries were able to deliver one day exploits, not quite the power of zero-day threats, but there are far more of them can be delivered by nearly anybody, any organization, a company or any group, or nearly any country. The width, depth and invisible nature of these threats will be transparently connected to our everyday lives (not rare event) but 2032 and beyond. This will be exaggerated by the internet of things, many bodies doing cyber espionage and being able to do in a stealth like manner.
Exercises on cyberwarfare and security are seen taking place during the NATO CWIX interoperability ... [+]
Here are six key insights from the podcast:
· The board rooms of most US and other corporations are not asking the right questions or putting the right processes in place to protect themselves to cyber espionage (countries, companies, individuals, groups).
· The capabilities now spread to a much larger group “dedicated individuals – cyber vigilantism could become very common Asymmetrical threats are trickling down very fast.
· The real threat for “toxic damage,” now comes from a range of players. It is going to be less focused on mass damage, than highly targeted and maybe more public activities. They are going to becomes more common and more obvious to all of us as they happen.
· Cyber intelligence threats are generally un-seeable and are meant to be stealth in nature. If we think about the billions of devices that will be around us in ten year’s time this threat is amplified 100 fold.
· The separation of the internet is inevitable. The idea of internet Balkanization is already happening (Russia, China – the Great Fire Wall). The broader community used to share to protect the internet overall. It has fragmented (countries, groups, conflicts) and its clear that hot conflicts force this.
· AI in public life has shifted very, very fast in every single day. We have crossed the Si Fi boundary very, very fast with AI, cyber espionage will have done the same by 2033. Countries Switzerland, Israel and the UK Are leaning in hard to try and get this right towards the ideas of security enabled devices (NCSC in the UK).
Cyber espionage will become the fifth domain of warfare and at the same time. citizen investigations may end up being the one counter offensive weapon that may well have value.
Juan Andrés Guerrero Saada headshot
Juan Andrés is Senior Director of Research at SentinelOne and an Adjunct Professor of Strategic Studies at Johns Hopkins School of Advanced International Studies (SAIS). His work on Moonlight Maze (and likeness) are in the Spy Museum permanent exhibit in Washington DC. The work affected NASA, the Pentagon, military contractors, civilian academics, the DOE, and numerous other American government agencies. The investigators claimed that if all the information stolen was printed out and stacked, it would be three times the height of the Washington Monument. Juan Andrés was Chronicle Security’s Research Tsar, founding researcher of the Uppercase team. Prior to joining Chronicle, he was Principal Security Researcher at Kaspersky’s GReAT team focusing on targeted attacks and worked as Senior Cybersecurity and National Security Advisor to the Government of Ecuador. SentinelOne’s cybersecurity solution encompasses AI-powered prevention, detection, response and hunting across endpoints, containers, cloud workloads, and IoT devices in a single autonomous XDR platform.
