2026 Security Predictions
AI may take over as a larger threat.
Crypto-Ransomware Goes Extinct - Well, Sort of
Although it will not happen right away, good IT practices will make crypto ransomware less of a threat. This can ONLY happen IF proper practices are followed. The flip side of this trend is that the crypto aspect of the ransom is becoming less important. The larger target is corporate reputation and legal issues. Data is the most valuable aspect of any business. If bad actors obtain data containing personally identifiable information and provide proof of the theft to regulators and customers, the legal and compliance ramifications will be extremely real. This will hurt the company where it counts: with its customers and with regulatory bodies. Stricter regulations are becoming more common at the state level, with California leading the way. The European Union is making the GDPR regulations stricter every year to protect the people under its umbrella. Bad actors know this, and they are as interested in causing regulatory fines and bad publicity as they are in traditional business disruptions.
Open-Source Repositories Turn to AI for Supply Chain Protection
Many believe that open-source software is the most secure. Unfortunately, this is proving to be incorrect. Attackers are targeting the very sources of open source: the repositories. This means that everyone, from major corporations to startups, is being targeted by the ongoing attacks against very common software libraries. Some of these attacks have required years of planning by the attackers. Fake libraries that are clones of legitimate libraries but contain malicious functionality are also extremely common, and they are popping up every day. This has made it a losing battle for repository managers. It is highly probable that repository managers will turn to AI to help manage the security of the repositories. The problem is that there is currently no AI model to help manage a repository and detect malicious actors and code. This will be a large hurdle to overcome, but there are big players involved in this game. The massive number of attacks on regularly used packages will require something to happen. If it does not, corporate policies will eventually require that open-source libraries become secure or be pulled from use because they pose too high a security risk. Something will have to happen soon, since the largest players have a stake in this: Apple, Microsoft, Google, etc.
The Cyber Resilience Act Sparks Secure by Design Practices
The Cyber Resilience Act (CRA) is a European Union regulation establishing mandatory cybersecurity standards for all hardware and software products with digital elements sold in the EU market. It will require manufacturers to ensure security throughout a product’s lifecycle, including vulnerability reporting and regular updates. This is being done to boost digital product safety for users and businesses in the EU. Companies that do not follow the rules and reporting procedures defined by the law will be fined by the European Union: 2% of revenue or 10 million euros, whichever is greater. This may be the push that is needed for design practices to become secure by design instead of treating security as a secondary thought.
Autonomous AI Launches Its First End-to-End Cyber Attack
AI models have exponentially increased in ability over the last year. It is highly possible that a complete model that can launch an end-to-end cyber-attack will exist very soon. Various AI models are already being used by attackers for separate parts of the attack sequence, but none can perform the complete attack chain. It is also well known that many types of cyber-attacks (malware and ransomware) are offered as a service, and if this type of product can be created and sold as a service, it has the capability to cripple businesses worldwide. In late 2024 it was reported that Chinese hackers successfully used Anthropic’s AI agent to automate spying operations on over 30 international entities. In some cases, the highly tailored attacks were very successful. Lessons learned from this by attackers may help speed the process toward fully automated attacks. Businesses need to bolster their security posture to even attempt to stay protected from this type of threat.
AI Literacy Will Become a Core Cyber Skill
AI is already used on the back end in many cyber security tools. These tools must be understood for cyber security professionals to succeed. They must also be recognized by organizations as essential tools and implemented to provide the proper level of protection.
Zero Trust Network Emerges as Traditional VPNs Collapse
The concept of zero trust is not a new one, but it has been slow to be adopted at the small and medium-sized business level. If organizations wish to protect themselves from emerging threats, they will need to immediately adopt zero trust policies and security products to protect their businesses. One area that is being scrutinized is the traditional VPN. Attackers know that VPNs and the businesses that use them are easy targets. This is because, by nature, the remote computers operate with limited protection. The VPN also allows attackers direct access to the entire company infrastructure once an endpoint has been placed under their control. Vulnerabilities are being found in VPNs all the time, and most are not being addressed properly. Securing the remote computer and replacing the traditional VPN with a secure edge solution is required to tighten up access as well as secure the endpoint.
Summary
Unfortunately, the future is rather bleak. Attackers have significantly increased threats, and AI has the distinct possibility of gaining the upper hand in the attack sequence. Most businesses have been very slow to adopt the proper protections for their now very mobile workforce, and it will leave their businesses extremely vulnerable. Many think that the cloud is the answer, but since the cloud operates with many open-source components, it will require the same, if not more, security to keep data safe and operations running smoothly. Since many businesses think that basic antivirus software and a simple firewall will keep them safe, attackers will have a field day with unsecured cloud resources and remote workers.

