1. Since bad actors have become cash-rich from the ransom they’ve collected from successful attacks, we can expect them to conduct their business (of writing sophisticated exploits for RCE vulnerabilities) earlier and faster by leveraging even more skilled exploit writers instead of depending on publicly disclosed exploits.
2. Attackers will increasingly infiltrate more COTS applications and Open Source Software and bury backdoors directly in source code. Many small/medium business who don’t have dedicated IT to test code before they deploy will end up suffering more from breaches than larger end-users who practice better cyber hygiene.
3. Most cyber-attacks go from infiltration to the ransom-demand stage over days, during which time-sensitive data is exfiltrated slowly so as to not trigger AI/ML attention. Given international tension and not profit being the motivation, we can expect attacks to target widescale disruption (such as taking critical infrastructure systems offline).
4. Given that more and more enterprise software is being delivered from third parties and over the cloud, sophisticated bad actors will target such cloud providers. We therefore expect to hear of many more breach disclosures in popular SaaS services in the coming times.