The rise of artificial intelligence (AI) technology lets cybercriminals develop next generation attacks such as machine-generated malware, ransomware and "cybercrime as a service", says a security strategist.
Cybercrime services including money laundering can reach US$500 billion to $1 trillion, said Derek Manky, a global security strategist at Fortinet.
"Cybercriminals are embracing AI to run automated attacks, which will accelerate cybersecurity breaches from days in 2016 to hours next year, potentially even seconds or milliseconds within five years," he said.
Cybersecurity vendors including Fortinet also use AI to do more automation detection of increasingly unknown attack threats from a variety of connected devices and complex networks.
Instead of using traditional botnets to do coding and find multiple routes to attack a target, hackers will exercise self-learning infected devices to attack, called "swarmbots", said Mr Manky.
The infected devices will be capable of talking to each other and taking action without human hacker intervention. This threat could grow exponentially as swarms widen their ability to simultaneously attack multiple victims, he said.
FortiGuard Labs recorded 2.9 billion botnet communications attempts in one quarter earlier this year, adding some context to the severity of swarmbots.
Mr Manky said ransomware will increasingly target high-value marks such as cloud service providers and critical infrastructure like healthcare and government services.
"Ransoms can be done easily as attackers can use AI to find vulnerabilities in the targeted systems," he said.
Moreover, AI will build malware based on automated vulnerability detection and complex data analysis.
FortiGuard Labs recorded 62 million malware detections in one quarter in 2017. "Out of the millions of malware detections we recorded, we saw 16,582 variants derived from 2,534 malware families," said Mr Manky.
One-fifth of organisations also reported malware targeting mobile devices. The increased automation of malware will make this situation more pressing in the coming years, he said.
Mr Manky said that AI and the proliferation of automation tools will lead to more "crime as a service" attacks, with the selling of stolen security codes and the provision of money laundering and advanced services through the dark web or underground markets.
Criminal developers upload attack codes and malware, offered via underground markets, for a fee.
"To shorten the cycle, there will be more machine learning used to modify code on the fly to make these cybercrimes more untraceable," he said.
Mr Manky said that criminal developers can create infected websites to lure users to visit them, thus infecting their devices. The hackers then use the devices as tools for mining bitcoin or other cryptocurrencies, or by attacking cryptocurrency exchanges, making the coin prices drop or otherwise volatile.
Thailand is becoming a digital economy, with several initiatives, including national e-payment and electronic government services, so cybersecurity should be at the core of these services.
Mr Manky said national cybersecurity agencies and business organisations need to integrate security technologies, facilitate real-time information exchange regarding threats and actionable threat intelligence as well as automated responses, and apply intelligence and self-learning so the networks can make effective and autonomous decisions.