Will Lawyers and Security Professionals Look Back on 2017 as the “Good Old Days?”

A couple of future-focused sessions at the 2017 Nuix User Exchange reminded me of an experience I had earlier this year while camping—being (accidentally?) spied on by a drone on a remote beach, with few people around for miles. It was around midnight, we spotted a UFO-like light hovering on the water. Shining our flashlights on it, we realized it was a drone that had been following us along the coastline. It promptly turned off its lights and fled the area.

This drone was probably piloted by a nosy hobbyist but it raised an interesting question about military and industrial espionage. In the next 10 years, drones could be as small as insects. For a political or business leader, or anyone with a public profile, evading surveillance could become practically impossible. If you think it’s hard protecting your data and privacy today, imagine what 2027 will look like.

Good Old Days

During the User Exchange, we heard from forensic technologist Craig Ball that in the future, forensic professionals will probably refer to this year as the “good old days.” The volume, velocity, and complexity of data is skyrocketing. In the coming years, eDiscovery and investigations professionals  will face challenges that are nearly incomprehensible today. An increasingly connected world means similar things for cybersecurity. Imagine the challenge of analyzing and protecting the data from mobile, wearable, and medical devices and buildings full of the Internet of Things. Last year, technologists predicted that 2017 would see more data generated than the previous 5,000 years of humanity. This kind of exponential growth is the norm; we shouldn’t be surprised or impressed anymore by statistics that were shocking only a few years ago.

The Challenges and Opportunities for Discovery

Ethan Treese, Nuix CEO, Americas, pointed out that there are now more than seven billion mobile devices in the world. Ericsson predicts that mobile traffic from smartphones will increase by a factor of 10 between 2016 and 2022. Nuix is helping you stay on top of the challenges and investigative opportunities posed by mobile. Our latest release, Nuix 7.4, is designed to provide a single window into the contents of multiple mobile devices—in addition to every other evidence source—for law enforcement and enterprise investigators.

During his keynote, Nuix Chief Technology Officer Stephen Stewart gave a humorous example of drug dealers uploading social media posts with pictures of cash, guns, and drugs, giving investigators a ridiculously rich data source to work with. With the ability to find connections between people, objects, locations, and events, investigators can quickly progress from a mobile phone selfie to knocking on the drug dealer’s door.

This holds particular relevance to investigators exploring Mexico’s Narco culture, where social media posts often glorify cartels’ weapons, cash, and drugs—think photos of gold-plated AK-47s. In the fight against ISIS and other terror organizations, social media is an important avenue for investigators to determine how and where terrorists are recruiting through digital means. In another classic example, Russian soldiers were caught posting Instagram photos in Ukraine, proving they were involved in the conflict.

Cybersecurity in 2017 and Future Years

Chris Pogue, Nuix’s Head of Services, Security, and Partner Integration, observes that in his decades-long career, organizations and businesses are no safer today than they were 20 years ago. Despite impressive advances in technology, hackers remain one step ahead of the organizations and individuals they target—partly because there are many potential flaws in cyber-defenses and they only have to find one to exploit.

In the coming years, our increasing dependence on technology will make cybersecurity more crucial to the world’s most important defense and policy questions, such as avoiding accidental nuclear conflict, safeguarding the stock market, and ensuring free and fair elections globally.

It helps to think big.

The Security Risks of Robot Warfare

Drone warfare has been critical to US military operations worldwide since the first confirmed kill by an American unmanned aerial vehicle in 2001. Globally, drone use for military applications is on the rise and many analysts consider this a precursor to automated warfare. Currently, the US military requires an extensive chain of command around any drone strike. But the future of warfare may well involve self-directed, artificial-intelligence-driven drones.

Driven by concerns of automated warfare, a group of non-government organizations formed the Campaign to Stop Killer Robots in 2012. While AI poses a host of philosophical questions, the fact remains that any connected military system—piloted or not—is vulnerable to exploits by the enemy. When you factor in delicate situations in areas like North Korea, cybersecurity threats to military hardware could be one of the most pressing challenges the world faces today.

Internet-connected Things

One technologist forecasts that 10 million self-driving cars could be on the road by 2020. Gartner expects 8.4 billion “connected things” will be in use this year. Ericsson expects that number to rise to 29 billion by 2022.

Whether medical implants, cars, or your dishwasher, hackers will have more potential avenues to target your personal data and even your physical safety in years to come. The Equifax hack was just the beginning. Pogue notes that future terror attacks may include a combination of hacking and physical threats. Imagine if this year’s Dallas siren hack had been followed by a physical attack.

When to Trust Technology Predictions

While it’s important to recognize the explosive growth trajectory of technology, it’s also vital not to get distracted. Your organization can take steps to protect itself today.

Rich Cummings, our SVP of Cyber Product and Strategy, pointed out during a User Exchange panel that a critical first step is simplifying your approach to cybersecurity. Having a dozen different systems won’t help you if your team can’t handle them.

“What we're doing behind the scenes is very complex,” he explained. “We need to find a way to make it easier for people to use the technology and operationalize it.”

As the Equifax hack showed at a shocking level, the best products in the world can’t help you if you don’t patch your systems.

Our advice? Start with basic steps to protect your organization. Invest in security awareness programs and ensure you have an incident response plan. As our CISO David Smith found during his decades-long career with the US Secret Service, most organizations don’t even know who to call after a breach.

Security & Intelligence
Posted on September 23, 2017 by Matt Culbertson