Past Cybersecurity Predictions: A Look at What We Got Right — Part II | LogRhythm

Past Cybersecurity Predictions: A Look at What We Got Right — Part II

In 2020, we learned that even a global pandemic can’t slow down cyberattacks, and threat actors are still very much at large seeking new ways to gain control of vital data and bring organizations to their knees. In addition to releasing our 2021 predictions this year, we also decided to look back at the last four years of our cybersecurity predictions to see what we got right. In part 2, we are exploring our 2018, 2019, and 2020 predictions. Be sure to check out part 1, which looks at 2016 and 2017, here if you missed it. You can also read about our 2021 cybersecurity predictions here.

Recapping Our Cybersecurity Predictions from 2018

Prediction: A New Record for the Largest Data Breach Settlement Will be Set

Anthem currently holds the record at $115 million over a 2015 cyberattack that compromised data on 78.8 million people.


In September 2018, Uber agreed to pay $148 million for the data breach that affected 50 million riders and 7 million drivers in 2016. This settlement held the new top spot until Equifax agreed to a settlement of up to $425 million for the 147 million people affected by its September 2017 breach.

Prediction: New US Legislation will be Introduced to Regulate Activities Related to Privacy Data and Protection

The US government will introduce new legislation (similar to GDPR) around privacy data protection that will mandate how companies must protect privacy data information.


While the US still does not have federal legislation in place that is similar to the EU’s General Data Protection Regulation (GDPR), a few states have passed meaningful legislation relating to data privacy protection. The California Consumer Privacy Act (CPRA), which is one of the toughest data privacy laws in the country and has been compared to the GDPR protections, was signed into law in June of 2018. During the 2020 election, California voters backed Proposition 24, an amendment to the CPRA that will further limit businesses’ use of sensitive personal information.

Prediction: Cyberwar Campaigns Between North Korea and the US Will Emerge from the Shadows and Directly Impact the Public

The US and North Korea have been covertly carrying out cyberattacks against each other for years and ramping up their digital aggression. Tensions will continue to escalate, and the public will be impacted for the first time.


In December 2017, the US publicly blamed North Korea for the WannaCry cyberattacks that occurred in May and targeted a variety of industries through computers running the Microsoft Windows operation system, including healthcare and financial institutions. The attack affected more than 300,000 computers across 150 nations. The Justice Department announced charges for the ransomware attack and the attack on Sony Pictures that occurred in 2014 in September 2018. More recently, the US government warned of BLINDINGCAN in August 2020. This new remote access trojan was reportedly used in early 2020 to target employees in the military defense and aerospace sectors.

Prediction: IoT Devices Will Become a More Frequent Target for Ransomware Attacks and Cyber Extortion

Ransomware will continue to be a popular hacking method. Hackers will expand into new vectors and targets, impacting the everyday use of IoT.


In 2018, the FBI issued a warning about attackers targeting Internet of Things (IoT) devices. During the same year, it was revealed that a malware author built a botnet comprised of over 18,000 routers in only one day. In 2019, a report found that cyberattacks on IoT devices had increased by 300%, which is more than 2.9 billion events. The trend shows no sign of slowing down. In just the first half of 2020, malware targeting IoT devices increased by 50% from the previous year.

Prediction: DDoSaaS Will Become a ‘Thing’ and Will Result in Another Major DDoS Attack Against Critical Infrastructure

Hackers will use a cloud service provider, such as AWS, to administer a DDoS attack.


In September 2018, research revealed 25 percent of all DDoS attacks in Europe used public cloud servers. More recently, in June 2020, Amazon mitigated what was then the largest-ever DDoS attack (2.3Tbps). However, just a few months later, in October 2020, Google revealed it was hit by a 2.5Tbps attack in Sept. 2017 that lasted over six months.

Prediction: Drones Will be Exploited Much More Often as a Cybersecurity Threat Vector

Despite existing restrictions to mandate no-fly zones, drones (like iPhones) can and will be “jailbroken.” Expect to see quite a few cases where drones are used for more than just fun.


In July 2018, it was revealed that a hacker attempted to sell files of the US military’s MQ-9 Reaper drones, which were taken from a US Air Force captain’s computer, on the dark web. Federal officials also expressed concern over the emergent cybersecurity risk drones present during a panel discussion at DC CyberTalks in 2018. In November of that year, a security flaw was discovered within the cloud infrastructure of DJI, the world’s largest drone manufacturer, that exposed user’s data, including photos and videos. The Chinese company found themselves in more hot water earlier this year when it was discovered the app that controls the drone was collecting a large amount of personal information that could be exploited by the Beijing government.

Prediction: Bitcoin Wallet Exploits Will Result in Massive Losses of Personal Wealth

Due to the increasing popularity of BTC, many individuals will have their BTC wallets hacked and potentially lose a lot of money — or worse, their life savings.


Research revealed $1.1 billion in cryptocurrency was stolen in the first half of 2018 alone. Several attacks occurred in 2018 across the globe, including Altcoin, Bithumb, Coincheck, and Coinrail. North Korea has become a significant player in cryptocurrency hacking, stealing billions with experts estimating criminal activity accounts for as much as 15 percent of the country’s income.

Prediction: Kim Jung Un’s PlayStation® Account Will be Hacked


While we can’t confirm whether or not Kim Jung Un’s PlayStation account has hacked, we do know a malicious hack was revealed in 2018 that could lock machines down by sending users a PlayStation Network message, forcing users to factory reset their machines to regain access. In June 2020, Sony announced it would open its bug bounty program to the public and pay $50,000+ for the most critical bugs.

Prediction: A Cyberattack on an Automobile Will Kill Someone

We’ve already seen hackers remotely kill a Jeep on the highway, disable safety features like airbags and antilock brakes, and hack into a car’s Bluetooth and OnStar features. As cars become more connected and driverless cars evolve, hackers will have more opportunities to do real harm.


While this exact event has not occurred, there have been some high-profile incidents. In November 2019, the FBI Cyber Division warned of cyberattacks against the automotive industry. The warning highlighted incidents in which “unidentified cyber actors have increasingly targeted the automotive industry with cyberattacks to obtain sensitive customer data, network account passwords, and internal enterprise network details.” Japanese carmaker Honda experienced a cyberattack this past June when SNAKE ransomware forced the manufacturer to temporarily shut down some of its facilities in addition to customer and financial services. At this year’s Black Hat security conference, researchers identified more than a dozen vulnerabilities in the Mercedes-Benz E-Class car, allowing them to open its doors and even start the engine remotely.

Recapping our Cybersecurity Predictions from 2019

Prediction: Cybersecurity Programs Will Grow but Continue to Lag Behind the Talent Gap’s Growth by at Least 25 Percent

The Bureau of Labor Statistics anticipates available jobs for information security analysts will grow 28 percent between 2016 and 2026.1 But since 2014, only 3.7 percent of American universities and colleges have met the requirements necessary to be recognized by the National Centers of Academic Excellence in Cyber Defense Education Program (CAE-CDE). Unfortunately, we don’t expect the acceptance rate to suddenly increase, meaning cybersecurity program growth will lag behind the talent gap by at least 25 percent in the coming year.


In 2019, (ISC)2, the world’s largest nonprofit association dedicated to IT security, determined it would take a 145 percent increase in the number of cybersecurity professionals to fill the gap. We have not seen anything like that take place. In fact, research released in early 2020 showed that 62 percent of CISOs think the global cybersecurity talent shortage will worsen over the next five years.

Prediction: The United States Will Experience the “Balkanization” of Cybersecurity Regulations

The United States has been slow to enact cybersecurity legislation at the federal level. As a result, states have started taking matters into their own hands. In 2019, we expect an increase in cybersecurity legislation at the state level. And given the lack of consistency among resulting regulations, this will lead to greater challenges when it comes to interstate business operations.


Massachusetts, North Dakota, New Jersey, Ohio, and New York all enacted cybersecurity laws in 2019, while Maine and Nevada enacted privacy laws, and Oregon enacted an IoT-focused security law. In February 2020, the National Governors Association urged lawmakers to pass legislation that would offer state and local governments assistance for cybersecurity efforts. There remains to be no such legislation in place.

Prediction: China Will Manipulate the Market to Turn the Trade Wars in their Favor

China isn’t new to cyberespionage, with reports revealing their efforts cost the United States upwards of $300 billion annually. The United States reacted earlier this year by imposing a $50 billion tariff on Chinese imports. Given the economic impact of these tariffs, we expect China to leverage its cyber-spies to give itself an advantage in the growing trade wars.


In late 2019, it was revealed that Chinese hackers broke into the National Association of Manufacturers earlier that year. The organization was involved in shaping trade policy, suggesting China was using cyberespionage to identify information it could leverage to retaliate against the tariffs. In May of this year, an invisible cyberattack tool called Aria-body was linked back to the Chinese military. The tool, which was used by a group of hackers known as Naikon, was used to infiltrate government agencies in several countries.

Prediction: Cloud-Based Ransomware Will Compromise a Major Corporation’s Infrastructure

Ransomware continues to grow in sophistication. In 2019, we believe we will see it successfully compromise a major corporation’s cloud infrastructure. The results will be devastating, impacting thousands of customers, and resulting in a heavy loss of profits due to missed SLAs and fines.


In 2019, cloud computing provider iNSYNQ was down for days after its servers were locked with ransomware. The attack went beyond direct customers to also affect companies who used the organization’s infrastructure to host Intuit QuickBooks web-based apps.

Prediction: We’ll See a Move to Hold CEOs Accountable for Breaches

There are already regulations to hold people accountable (notably CISOs) for breaches. But as the pace and damage of breaches become more severe, we believe we’ll see these regulations begin to expand accountability to the CEO role.


In April 2019, Senator Elizabeth Warren unveiled the Corporate Executive Accountability Act. The legislation was designed to make it easier to hold corporate leaders accountable for wrongdoing. Although the legislation is not moving forward at this time, it’s worth noting that a Gartner report from September 2020 predicts CEOs will be personally liable for breaches by 2024.

Prediction: Trump’s Cell Phone Will be Hacked

Yes, we’ve said this one before, but with the President using an unencrypted phone to communicate with leaders of nations, this has to be a hot target. Just imagine what the potential impact will be — not to mention what we’ll see on Twitter.


While this did not happen (that we know of), there is evidence to support security failures with President Trump’s phone. In December 2019, the New York Times’ Privacy Project released an article in which it tracked the movements of 12 million phones based on a dataset it obtained. The news organization was able to track President Trump’s movements using the data, raising concerns about national security.

Recapping our Cybersecurity Predictions from 2020

Prediction: An Insider Will Manipulate AI to Wrongly Put an Innocent Person in Prison

Because people train artificial intelligence (AI), AI adopts the same human biases we thought it would ignore. However, this hasn’t stopped the legal system from employing it. Just last year, a judge ordered Amazon to turn over Echo recordings in a double murder case. With AI already primed to make biased decisions based on the information it receives, an insider could exploit this to feed it false information to more directly implicate someone of a crime. In making AI more human, the likelihood that it makes mistakes will increase.


In June 2020, the ACLU filed a complaint against the Detroit Police Department for what they claim is the first documented instance of someone being falsely arrested based on inaccurate facial recognition AI technology. Robert Julian-Borchak Williams was accused of robbery and linked to the scene based on a still image from the store’s surveillance video that was then uploaded to Michigan state’s facial recognition database. The charges against him have since been dropped.

Prediction: The US Election Will Definitely be Hacked and Influenced

After the revelation of Russian interference in the 2016 US presidential elections, election tampering is at the forefront of the news as we approach the 2020 elections. Hackers (nation-state or others) won’t have to do much more than infiltrate the system — or make it seems like they’ve infiltrated the system — to undermine people’s confidence in the election and exacerbate the current state of turmoil.


In October, Microsoft revealed it had taken down the servers behind Trickbot, an operation that could have indirectly affected election infrastructure. China, Iran, and Russia all attempted to influence the election through various means, as outlined in this blog from Microsoft. The FBI and CISA issued an alert in October warning that Iran was spreading propaganda and targeting election websites.

Prediction: We’ll See the Consequences of Increased Adoption of Biometrics

Before we see adequate regulation and security to protect biometric data, there are going to be some unlucky people whose biometric information is stolen and used for repeat fraud. If your credit card details are stolen, you can easily change your account number. But what if your face gets stolen? Once that information is compromised, there’s no swapping it out. Before the industry catches up and understands how to properly protect it, we’re going to see the consequences of the increased adoption of biometrics.


In February 2020, facial recognition startup Clearview AI suffered a data breach that exposed its entire client list. The company works with banks and law enforcement, raising concerns about such databases. Then, in March, a security researcher uncovered a web-facing identity server belonging to Brazilian Automated Fingerprint Identification System (AFIS) developer and distributor Antheus Tecnologia. The server contained nearly 2.3 million data points, including sensitive employee information. In May 2020, Facebook agreed to pay $550 million to Illinois users after a class-action lawsuit was filed over the use of its face-tagging technology to collect facial-recognition data.

Prediction: Quantum Computing Will Break Out of the Lab and See Use by Users and Threat Actors Alike

Google’s “Sycamore” project was heralded as a breakthrough for quantum computing earlier this year. And while we’re certainly still far off from the advanced quantum computing that could change the way we perform standard cryptography, we are already seeing quantum computing make its way into the mainstream. For example, Microsoft announced its new Azure Quantum service, which will soon allow select customers to run quantum code and use quantum hardware. These developments in quantum computing will likely have a significant impact on modern AI as well, helping to speed up AI’s data analysis and subsequent decision making. And by offering quantum technology to the masses, we’re sure to see an uptick in the development, adoption, and usefulness of quantum and modern AI throughout 2020 — both among legitimate users and malicious hackers.


In January, the World Economic Forum issued its Global Risks Report 2020, which warned of the cyber risks associated with emerging technologies such as quantum computing. In late October, Honeywell announced the first subscription-based plan for quantum computing usage. Earlier this year, Microsoft and IBM each announced customer growth for their quantum-computing services. Amazon Bracket was also announced, which lets AWS customers experiment with quantum computing simulators and access hardware.

Prediction: Ransomware is Going to Expand into the Critical Infrastructure Business

Ransomware continues to be easy cash for hackers, recently reaching an average payout of $41,000 USD. Given ransomware’s proven track record, it’s time for hackers to take it to new markets. Critical infrastructure is a prime target. While most ransomware isn’t built to target infrastructure, it can still be used in such environments. And shutting down a power grid can yield a significantly higher than average payout to the attacker — not to mention, it can also lay the foundation of distrust in the government’s ability to protects its citizens. Critical infrastructure is due for another significant breach, making 2020 the perfect opportunity to introduce ransomware into this space.


In February 2020, the US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) issued a warning to businesses operating in critical infrastructure industries. The advisory highlighted a new ransomware threat that was discovered after an unnamed natural gas compression facility’s internal network was hit, resulting in the encryption of critical data and taking servers offline for almost two days. Then, in August, a report from the International Criminal Police Organization (Interpol) reported a dramatic increase in the rate of cyberattacks aimed at critical infrastructure among governments and major corporations.

Looking Back at Our Cybersecurity Predictions

A lot has changed over the last four years. Amid the rapid acceleration of digital transformation as society continues to grapple with COVID-19, we have seen cybercriminals get faster and more creative as they seek to capitalize on technology’s increasing presence in our lives. Interested in learning more about what we predict for 2021? Check out our predictions here.