Booz Allen Commercial delivers advanced cyber defenses to the Fortune 500 and Global 2000. We are technical practitioners and cyber-focused management consultants with unparalleled experience – we know how cyber-attacks happen and how to defend against them.
Our strategy and technology consultants have empowered our international clients with the knowledge and experience they need to build their own local resources and capabilities.
In facing challenges of modernization, our Middle East and North Africa clients have complex requirements that benefit from our proven experience in guiding major programs and projects for governments and private-sector organizations. The services we offer in UAE, Qatar, Egypt, Turkey, Kuwait, Morocco, Jordan, and other regional countries build on our consulting legacy.
Our clients call upon us to work on their hardest problems—delivering effective health care, protecting warfighters and their families, keeping our national infrastructure secure, bringing into focus the traditional boundaries between consumer products and manufacturing as those boundaries blur.
Booz Allen was founded on the notion that we could help companies succeed by bringing them expert, candid advice and an outside perspective on their business. The analysis and perspective generated by that talent can be found in the case studies and thought leadership produced by our people.
Learn more about Booz Allen's diverse culture and environment of inclusion that fosters respect and opportunity for all employees.
We've come a long way delivering innovative solutions. But our next chapter is still being written.
Our 22,600 engineers, scientists, software developers, technologists, and consultants live to solve problems that matter. We’re proud of the diversity throughout our organization, from our most junior ranks to our board of directors and leadership team.
Booz Allen takes pride in a culture that encourages and rewards the many dimensions of leadership—innovative thinking, active collaboration, and personal service. We’re particularly proud of the diversity of our Leadership Team and Board of Directors, among the most diverse in corporate America today.
We asked our top analysts to compile a cyber threat forecast for the year ahead. Here are the top emerging trends to watch for in 2019.
1. Information Warfare Targeting Companies
From data leaks to troll armies, the private sector may soon be caught in the crosshairs of information warfare campaigns meant to inflame public relations and legal controversies. States could wreak havoc by leaking harmful internal communications and spreading fake and embellished stories on social media accounts.
2. Using IoT Devices to Broaden State Espionage Operations
Connected TVs, webcams, and printers have already been used to mine cryptocurrency and launch distributed denial of service (DDoS) attacks, and their abuse will likely increase in 2019. Though state-linked activities will focus on creating communications proxies, they could also use IoT botnets to conduct widescale intelligence collection or search for weak network endpoints to exploit.
3. Secure Chip Cards May Fall Short
Now that credit card authentication chips have finally reached widespread adoption in the U.S., they will likely become a larger target for cybercriminals. Attackers have already successfully infected EMV readers with malware to skim money from ATMs. This year, attackers may evolve to use this technique at retail points of sale as well.
4. The Weaponization of Adware Networks
Recent technological advances in adware are transforming it from a minor nuisance to a real threat. With new in-memory, file-less techniques, more sophisticated adware versions will become highly resistant to forensic analysis. And it’s only a matter of time until adware owners recognize the sale value of the large volumes of user profile data they've collected.
5. AI-enhanced Information Warfare
AI generated video, or ‘deep fakes’, will grow in popularity this year as apps that generate false video and audio content become more available. Advances in research are also laying the groundwork for increasingly realistic forgeries. Deep fakes will increase the potency of influence operations that mix stolen data with false content.
6. The Expanding Wireless Attack Surface
More IoT device makers are turning to proprietary and non-WiFi wireless protocols, paving the way for threat actors to discover new—sometimes completely insecure—attack vendors. In addition to expanding the attack surface on enterprise networks, these systems may leave openings for criminals to attack customers directly via their devices.
7. State-Sponsored Threat Actors Double Down on Deception
Nation-state actors will increasingly exploit weaknesses in current attribution trends to muddy the waters when an attack strikes. This return to the shadows by state groups will result in a guessing-game among cybersecurity experts, resulting in low-confidence assessments and speculative reporting that will complicate tactical-level detection, strategic threat forecasting, and threat modeling.
8. Water Utility Targeting Bubbles to the Surface
Though industrial control system attacks focused on the U.S. energy sector for the past decade, water utilities are a prime target for state-sponsored attacks this year. At a minimum, U.S. water companies should expect reconnaissance activity by foreign state-backed groups attempting to gain insight about, and access to, these systems.