Experts 'threatcast' potential cybersecurity risks in 2027

  • Print


Logo for the Threatcasting Lab at Arizona State University.

The future starts as fiction. At least that is what the Threatcasting Lab at Arizona State University believes.

On Wednesday and Thursday, 80 professionals from academia, government, industry and the military met at George Washington University in Washington D.C. to think about the cybersecurity threats of the future. Through a process called “threatcasting,” small groups envision the world ten years from now.

Threatcasting pulls from anthropology, biology, technical research, economics, military strategy and science fiction story telling. Through a structured process, groups create characters, threats and potential steps business and government can take to make sure these futures never become reality.

Through this work, the Lab creates plans to “identify, track, disrupt, mitigate and recover” from these threats, according to Brian David Johnson, the Threatcasting Lab’s director and co-convener of the event alongside Maj. Natalie Vanatta, an assistant professor at the Army Cyber Institute at West Point.

The potential future story lines were diverse, but trends in concerns were apparent. Artificial intelligence, ubiquitous automation and the vulnerability of our digital infrastructure were top concerns. The conjured threats left no one unscathed, from a retired engineer in southern Arizona with an internet-enabled medical device to an American astronaut trapped in the International Space Station during a terrestrial dispute.

While it may have felt like it at times, this was not a writer’s workshop. These futures will be a part of a report intended to be a catalyst for industry and government to think about potential threats. On Tuesday, Sept.12, the Lab will release its newest report: “The New Dogs of War: The Future of Weaponized AI.”

Past reports have been used in creative ways. For example, Cisco Systems created a graphic novel called Two Days After Tuesday: A Science Fiction Prototype (PDF) based on a threatcast scenario about how a simple email phishing attack leads to the devastation of New York City. The phishing attack, a surreptitious way to obtain personal information through communications disguised as legitimate, gives state-sponsored hackers control of New York’s internet-enabled fridges. While this may seem innocuous, the story unravels from there. The fridges are commanded to make repeated calls for more milk and fresh fruit, which overload the automated supply chain. The Port of New York and New Jersey is inundated with the increased traffic. During this overburdened moment, the state-actor slips a dirty bomb through the harried port only to detonate it two days after the initial phishing attack. New York is decimated. “Chaos reigns,” reads the final frame.

Started as a threatcasting exercise, this narrative now informs Cisco’s thinking regarding the future of supply chain risk management.

The Lab’s next event, Threatcasting West, will be held in Los Angeles on Feb. 27-28, 2018. The focus will be on cyber and digital threats in space.

Give us feedback, share a story tip or update, or report an error.