Meltdown & Spectre & my 2018 predictions

A couple of days ago I put out my 2018 predictions.

Even I've been surprised at how quickly some seem to be coming to pass. In particular, prediction number 12 on cyber-risks where I wrote, quoting:

12. A novel cyberattack, in terms of scale or quality, will emerge. 

This may involve attacks which leverage some type of machine learning technology: either using chatbots or natural language generation, smarter password attacks, taking connected devices hostage or adaptive systems which avoid detection. 

That's the end of the quote. So what has happened?

A story bursting out in the last 24 hours has been, the emergence of a novel class of cyberattack on virtually every type of CPU delivered by any of the three main vendors of chips, Intel, AMD and ARM. Between them, these three firms dominate desktop, laptop, server and mobile CPU shipments, all are vulnerable to the Spectre attack.

A second attack, using a loophole named Meltdown, affects Intel processors shipped since 1995 (!) but may not affect those of AMD and Arm. More technical details are available here.

Now, Spectre or Meltdown are challenging: "It’s unclear if there’s any malware out there that makes use of Meltdown or Spectre, because the attacks are hard to detect." So I was pretty accurate with the characterisation of a cyber attack that would "avoid detection". But neither Spectre nor Meltdown rely on machine learning, which I suggested might be a candidate technology for this year's cyber risks.

But the year is still young, so this prediction might yet fully stand the test of 2018. Not bad so far, though :)

Subscribe to weekly newsletter Exponential View to receive my thoughts on where exponential technologies are taking us.