Preparing to fight cyber threats by 2030

The first Cyber Campus deliverable on the next threats in 2030 is available for download. The working group therefore carried out anticipatory work on several scenarios by integrating the cyber responses to be provided.

Anticipating the cyber threats of the next few years is not an easy task. This is, however, one of the missions that the Cyber ​​Campus has given itself by launching a collective work on the prospects and challenges to be met in this field by 2030. The result of a reflection carried out by the anticipation working group of the campus led by Mathieu Cousin (security director of Axa) and Gérôme Billois (cybersecurity partner Wavestone), this analysis is based on contributions from more than sixty public and private organizations and leads to what could be the context cybersecurity in the coming years, the challenges to be met and the means to be put in place to counter future cyber threats as effectively as possible.

The exercise seems very complex but it is clear that the rendering of this deliverable appears clear as well as concise. As a starting point, the book highlights 4 future trends serving as a basis for developing scenarios for anticipating cyber threats. In short, they set the scene and make it possible to shape the various combat actions envisaged; it is thus a question of considering the future from the angle of ultra-connectivity, ultra-partitioning, ultra-green or even ultra-regulation. “Each of these trends, extrapolated to the extreme, gives rise to a scenario. We thus hope to propose a grid for reading the future, intended to enable our readers to appreciate the impacts of these trends on society, individuals and organizations,” the report states in the introduction.

4 trends of tomorrow’s world guiding cybercriminal actions

Opportunities and types of computer attacks and challenges to be faced vary according to the future trends that the world will face in the coming years. In the case of an ultra-connected world, for example, cyberattackers will be able to target an unprecedented range of targets and access and will be able to rely on the generalization of digital platforms and social networks to carry out their malicious operations. In this case, we will have to expect a wider use of bot networks to launch attacks, an instantaneous spread of malware or even the multiplication of trapped digital services and the mass dissemination of false information in all sectors.

If the trend of a hyper-compartmentalized world predominates, the future of cybercrime should then go through the resurgence of specialized cybergangs on well-defined targets, thus simplifying their detection. “The proximity between states and cybercriminals allows groups to be equipped with better offensive capabilities while benefiting from impunity and protection in their own sovereign space”, warns the report. In this context, we should then see a rise in destabilization actions on national critical services with the multiplication of “digital attacks”, the reinforcement of attacks by ransomware and state-level complexes, cyber-espionage and even the physical destruction of certain submarine or satellite cables and critical supply chains.

In the case of a world dominated by ecological issues, cyberattackers adapt just as well by monetizing their services, for example, for the purposes of hacktivism aimed at systems that consume too much energy, but also by favoring actions of manipulation, scams requiring little exploitation of high computing resources made at this stage much more complicated. In this scenario, we can then expect the proliferation of attacks against the reputation of people (legal or physical), the destruction of energy-intensive digital systems, attacks against non-local supply chains or the instrumentalization environmental ideologies for cyberattacks by ransomware, extortion…

Finally, in the context of a future of a hyper-regulated society “cyber attackers take advantage of the multiplicity of regulations to undertake cyber blackmail. They threaten to report their victims to regulators for non-compliance, or offer fake regularization services,” the guide says. “Human and financial investments relating to security are neglected in favor of those working solely to bring regulatory compliance to new requirements, sometimes in an ideological logic and without taking into account the real risks”. With the key to an explosion of cyber-extortion, the resurgence of attacks usurping regulatory authorities, the rise of bogus fines…

5 cybersecurity priorities to follow

On the basis of these 4 scenarios for the evolution of the world, the cybersecurity challenges to be met can thus be adapted by focusing on 5 common priorities: securing all digital systems by default, giving individuals back control of their digital lives and data, move towards large-scale resilience based on automation and AI, fight the impunity of cybercriminals and develop the attractiveness of the cybersecurity sector.

“As part of our reflections, three invariants have been identified. It is essential to take them into account to respond to the various challenges in order to ensure the success and credibility of the solutions to be put in place, but also the definition of a responsible sector”, can we read elsewhere in the guide. This is the ability of actors (private, public, institutional, etc.) to cooperate, guide and take decisions on a European scale, and adapt digital sobriety, for example by decommissioning computer systems that are too energy guzzlers. Reducing the energy consumption of computer resources and assets applied to cybersecurity must also be an objective, this concerning cryptography, backup as well as blockchain and crypto-assets.

Better understand homomorphic encryption

Regarding the need to implement a principle of security by design at all possible levels of digital products and services, the guide highlights the challenge of building evaluation methods and tools that are “easy, reliable and automatable » covering both products and organisations. In particular, it recommends supporting the creation of a standard for evaluating a “cyber-score” and ensuring its deployment. The first actions at the level of the Cyber ​​Campus on this aspect concern a benchmark of existing evaluation solutions, products and organizations to determine in particular their strengths and weaknesses. This also involves identifying and leading/supporting associated research projects.

In terms of better control of digital life and data, 3 challenges must be met: control of identity using a reliable, interoperable and shared service, data through ad hoc devices and measures and also expanding the use of encryption. On this point, Campus Cyber ​​will study the emergence of a centralized digital privacy management model, launch a challenge on homomorphic encryption and analyze in more depth the advantages and disadvantages of the blockchain for digital identity.

An imperative to develop the attractiveness of the cybersecurity sector

When it comes to better resilience through automation and AI, the task force report recommends both improving the detection of cyber threats and accelerating the ability to respond to growing cyberattacks. numerous and complex. To deal with it, the actions undertaken are oriented towards the development of a platform to experiment with AI uses in cybersecurity, to develop AI challenges in this field and to open the floodgates of cyber-oriented open data for experimental purposes.

Fighting and prosecuting cybercriminals in the legal field must also be strengthened, requiring a cutting-edge technological arsenal to cross-check the volumes of data relating to cyber-crooks (attack tools, operating methods, infrastructures used, etc.). This therefore requires actions to “create attack simulation environments and R&D projects on AI training to impute attacks” and “create R&D projects to trace or follow the paths of money and automate the seizure of crypto-assets”.

Finally, pushed for years by organizations such as Hexatrust in France bringing together dozens of French cybersecurity players, the need to develop the attractiveness of this sector appears more vital than ever. To train effectively and ensure the availability of high-level cyber skills, closer cooperation with National Education must be initiated.

Quantum computing in ambush

A veritable sword of Damocles for the security of resources, infrastructures and data, quantum computing appears both as an opportunity to be seized and a threat to be thwarted.

“Quantum, through the paradigm shift it implies and the potentially impressive results it presents for digital, can be a threat to cyber, due to its ability to more easily break the encryption methods currently used. But it also represents an opportunity to rethink cybersecurity. In this context, the Cyber ​​Campus will have to follow these developments closely,” the report explains. “The contribution and effectiveness of quantum approaches remain to be assessed, but they could make it possible to implement new mechanisms, with significant added value for cyber: encryption key transmission between untrusted nodes », delegation of quantum calculations, quantum distributed calculation… ».