2020 Predictions: Technology

John Prisco, president & CEO, Quantum Xchange
Prediction: Quantum computers will advance far quicker than predicted, leaving enterprises scrambling to become quantum safe. The first true use of quantum computing will be in nation-state cyberwar activity and not a commercial application. By the end of 2020 it will be evident that RSA 2048 will be doomed in under 5 years, when a nation state like China or the U.S. will have a quantum computer capable of decrypting current encryption paradigms. Quantum computing will be just the latest of many technologies, including nuclear technology, the internet and satellite navigation, that started out in government and military use.

Saumitra Das, CTO, Blue Hexagon
First malware using AI-Models to evade sandboxes will be born in 2020. Malware developers already use a variety of techniques to evade sandboxes. A recent article explained that “Cerber ransomware runs 28 processes to check if it is really running in a target environment, refusing to detonate if it finds debuggers installed to detect malware, the presence of virtual machines (a basic “tell” for traditional sandboxes), or loaded modules, file paths, etc., known to be used by different traditional sandboxing vendors.” In 2020, we believe that new malware–using AI-models to evade sandboxes–will be born. This has already been investigated in academia. Instead of using rules to determine whether the “features” and “processes” indicate the sample is in a sandbox, malware authors will instead use AI, effectively creating malware that can more accurately analyze its environment to determine if it is running in a sandbox, making it more effective at evasion. As a result of these malware author innovations and existing limitations, the sandbox will become ineffective as a means to detect unknown malware.  Correspondingly, cybersecurity defenders’ adoption of AI-powered malware defenses will increase.

Monzy Merza, head of security research, Splunk
MITRE ATT&CK will become the go-to framework and common vocabulary for every SOC.  For organizations required to have the most aggressive stances on security, such as financial services and healthcare, ATT&CK is already the go-to framework. In 2020, it will become a basis of conversation for security operations center (SOC) teams in other industries, including retail and manufacturing, as they mature their security postures.