Welcome to the National Cryptologic Museum Foundation. The NCMF directly supports the National Cryptologic Museum (NCM), the first public museum in the U.S. Intelligence Community.

  • ...The nation’s brightest young minds to consider careers in STEM and cyber related fields

  • ...Robust dialog with the American public on cyber policy, technology, and privacy

  • ...Those who “served in silence” with valor and distinction, especially those who gave their lives in service

Did you know?

Polish mathematicians & code breakers made the first breakthroughs against Nazi Germany's Enigma code.......

Cyber Threat Predictions for 2018

Cybersecurity companies are publishing their predictions for threat trends in 2018. Here’s a quick summary of a few of them with links to the full reports:

Trend Micro – Digital extortion through ransomware attacks will continue. Cybercriminals will take advantage of old and new techniques to go directly for the money from ransomware victims. Companies subject to the EU’s General Data Protection Regulation (GDPR) are especially vulnerable to large-scale ransomware attacks. Internet of Things (IOT) attacks will be more numerous and used for purposes other than Distributed Denial of Service (DDoS) attacks. Delivery drones can be hijacked; medical devices and wearables can be hacked; and IoT devices can be used to mask the identity of clever cybercriminals. Business email compromises (BEC) through spearphishing and other techniques will continue to plague U.S. business to the tune of over $9 billion. Social media will see more fake news and cyber propaganda instigated and promulgated by botnets. Countries with general elections in 2018 will be especially targeted. Machine learning and blockchain technologies, while promising in terms of cyber defense and financial transactions, are new vectors for hackers and cybercriminals to exploit. And enterprises are especially at risk given newly discovered vulnerabilities in operating systems and enterprise-wide planning and analysis capabilities. Increased connectivity will lead to more complex cybersecurity challenges. Trend Micro 2018 Predictions

SecurityInfoWatch.com - Internet of Things (IoT) vulnerabilities will be exploited as billions of new devices come on line, leading to possible government regulation of IoT products. Ransomware will increase and become emboldened by cyber insurance; hackers will hold companies hostage for the upper limit of their insurance policies. Ransomware will be increasingly targeted at big retailers, who would rather pay ransom than risk the loss of public confidence. Mobile apps will be increasingly targeted as hackers understand that leaky apps provide a path to sensitive personal and corporate data. Corporate phishing attacks and tax scams will increase. Migration to the cloud and new restrictions on data protection imposed by the EU’s GDPR provide new opportunities for professional hackers and cybercriminals. SecurityInfoWatch.com Predictions

FireEye/Mandiant – Increased nation-state activity from China, Iran, and Russia, not only for cybercrime but also to infect global supply chains. More cyber espionage from China against law firms, entertainment, and the health care industry. Increased hacker access to enterprises via phishing attacks against employees. As more companies migrate data to the cloud, hackers will find ways to compromise cloud security, including obtaining cloud security credentials from oblivious employees. The entertainment industry may be increasingly targeted. Advanced threat actors (e.g. nation-states) will increasingly target upstream software development activities to infect the supply chain of trusted software. More data protection laws including data localization as already seen in China and Russia. Multi-vector phishing attacks with capabilities to evade detection technologies. Use of “https.” domains for phishing attacks. Auto-spreading malware based on stolen credentials, and malware that misuses operating systems. Fireeye.com Predictions

CSOonline.com – U.S. companies not prepared to implement the EU’s General Data Protection Regulation; the EU will likely make an example of one or more companies to send a strong message on the need for compliance. The Equifax breach and other 2017 attacks means that password-only authentication will be replaced by multi-factor authentication to include biometrics. State-sponsored attacks, especially from North Korea and Russia, will keep testing the ability and willingness of Western nations to respond. Expect more IoT botnet attacks. Machine learning will help defenders identify and respond more quickly to many types of attack. The lack of trust—in government, companies, and services—will continue to be a problem. CSOonline.com Predictions

Forbes – More attacks on the U.S. Government and critical infrastructure as hackers show their growing capabilities; some of these attacks may come from North Korea or Russia. More fake news, accompanied by new techniques to verify the reputation of online senders/authors. New attacks will take advantage of the vast amounts of personally identifiable information (PII) lost in the major data breaches over the past several years. Improved data protection as companies begin to deal with increased cybercriminal capabilities to use stolen data for profit. More IoT attacks against all types of devices. The cybersecurity “arms race” between defenders and hackers will increase with the increased use of machine learning and artificial intelligence. Cyber threat detections will become more automated. Bitcoin and other digital currencies will increasingly be targeted by cybercriminals and used for ransomware payments. More breaches of digital currency will lead to regulations by banks and governments. Biometrics and multi-factor authentication will grow in use and importance. Enterprise cybersecurity will grow to meet industry demands for security in the cloud. Small and medium businesses will become more vigilant about cybersecurity. Companies will become more active in protecting the software development cycle to combat the increase in upstream malware insertion that affects the software supply chain. The talent gap in cybersecurity skills will only widen in 2018. Forbes Predictions

Return to our HOME PAGE


On This Day In History


  • President Ronald Reagan declared this day Navajo Code Talkers Day.

About Us

The NCMF directly supports the National Cryptologic Museum (NCM), the first public museum in the U.S. Intelligence Community. We think you will agree it is truly a "museum like no other."

Located adjacent to the National Security Agency (NSA) in Maryland, the NCM houses a priceless collection of artifacts that represent our Nation's history in code making and code breaking, as well as a world class library of cryptologic media. The NCMF acquires the best artifacts for the NCM and supports new educational and interactive exhibits.

The NCMF provides exceptional cryptologic programs throughout the year, encourages young minds to explore cryptology and innovation through valued awards, and hosts educational, cryptology-related exhibits at various community events.

As part of the Foundation's partnership with NSA to build the Cyber Center for Education and Innovation - Home of the National Cryptologic Museum (CCEI-NCM), the NCMF also serves as a leader in the field of cybersecurity - striving to provide the best in educational resources and programs.

The NCMF and NCM share a joint three-fold mission to Educate, Stimulate, and Commemorate. Learn more about our MISSION.