What does the future hold for the 2024 cybersecurity landscape? We’ve looked at some of the biggest trends expected to shape the industry to provide you with our predictions. Before we get into the list, just a reminder that no digital space is safe, and staying alert should be everyone’s priority.
2023 was a monumental year in the cybersecurity space as hackers continued to adapt to ever-evolving technologies. With the launch of ChatGPT, their methods became smarter, while their threats loomed over both users and organizations across the globe.
Boris Goncharov, AMATAS strategic director, reminded us of what kept businesses “up late” in 2023:
“Mainly cyber extortion campaigns (ransomware, Data Hostage, DDoS attacks, digital hijacking, etc.), phishing in all of its shapes and forms (malicious actors started to use generative Artificial Intelligence, financial frauds, etc.), as well as supply-chain attacks and leaked data across other channels”.
Last year, we also saw a rise in:
- ransomware via remote monitoring and management (RMM) tools;
- extortion-only campaigns (e.g. the attacks that exploited vulnerabilities in both MOVEit and GoAnywhere);
- data theft with compromised credentials;
- social engineering campaigns (e.g. the MGM data breach in September).
On the political side, nation-state hacktivists continued to be on the move in light of the war between Russia and Ukraine and the Israel-Palestine conflict.
Passwordless solutions
Both consumers and organizations will continue to prioritize data protection in light of the ever-evolving cyber threats. Passwordless authentication is a solution more and more companies have started to adopt, thus taking greater control of their cybersecurity. Some of the most popular tools that generate unique biometrics include:
- Multi-Factor Authentication (MFA);
- Time-based one-time passwords (TOTP);
- Passkeys.
We expect to see more and more organizations continue to switch to passwordless authentication (from standard, user-generated passwords that need to be remembered) and various other cryptographically based authentication schemes.
When considering this solution, always keep the human element in mind, as hackers could easily trick users into giving up their passcodes.
Complex system architecture
With the development of more and more complex architecture, security will have to adapt more quickly than ever before. In 2024, we expect:
- Edge computing to become a leading attack surface.
It brings numerous challenges in management, possible physical tampering, and API and software vulnerabilities.
- Living-off-the-land (LOTL) attacks to become harder to detect.
The more complex IT environments become (looking at you, cloud and hybrid), the more possibilities are created for hackers to exploit technologies.
- A rise in the cost and complexity of a mature security posture.
To fully protect their systems, enterprises would need to invest in more tools (e.g. security orchestration, automation, and incident response (SOAR), security information and event management (SIEM), etc.) and programs (e.g. incident response, penetration testing, etc.).
Boris Goncharov reminds us:
“In the last two years, a lot of companies have fallen below the cybersecurity poverty line (CPL), also due to the unprecedented spread of AI. Security solutions are becoming increasingly more complex, expensive, and require specific expertise. Unfortunately, fewer and fewer companies can afford them.”
Artificial intelligence and large language models (LLMs)
Of course, we can’t underestimate the role AI and large language models (LLMs) are expected to play in security in 2024. With technologies becoming more available and less expensive, hackers are exploiting generative AI to advance their capabilities. The strength of cyberattacks on individuals, organizations, and nations would grow tremendously.
“For attackers, artificial intelligence has become another ‘super weapon’. AI enables cyber criminals to organize more realistic and complex phishing campaigns, develop malware at unprecedented speed, and find weaknesses in security systems with greater efficiency and precision,”
highlights Boris Goncharov.
AI’s advancement could thus result in:
- Phishing, Business Email Compromise (BEC) schemes, and social engineering lures becoming even harder to detect.
By taking personal information from public sources (e.g. LinkedIn) or buying it on the Dark Web, phishing-as-a-service schemes could become more convincing and reach a larger number of users more effectively. Malicious actors could use generative AI (e.g. ChatGPT) to:
- translate messages from their language to that of the victims;
- create authentic-sounding messages and responses;
- combine Deep Fake (voice and video) with text-based messages for multi-stage attacks.
As the attacks become more personalized, endpoint compromises would, unfortunately, become more common.
- Using real-time input from AI during web attacks
Hackers are starting to employ knowledge from AI during live attacks. Generative AI could be turned into their assistant, guiding them every step of the way, evaluating their responses, and suggesting alternatives.
- The rise of fake accounts for various malicious purposes.
Setting up fake profiles, by using AI to match human realism, would cost cybercriminals close to no effort. These, in turn, could be exploited by:
- Organized criminals for fraud, credential stuffing, etc.;
- Nation-states for disinformation;
- Hacktivists for “information campaigns” and to gain sympathy.
Looking at it on a global level, with the 2024 Olympics, the US elections, and the current war between Russia and Ukraine and the Israel-Palestine conflict, we remind users to stay wary of such malicious online presence, as it’s most often exploited during these times.
- New system vulnerabilities in LLMs
Here’s the hard truth about LLMs (large language models) – as much as they’re useful in optimizing work processes, they do pose a threat to security.
- For starters, LLMs could easily be tricked into revealing training and personal data. Data exposure via LLMs has enormous potential due to the quantity of data these models process.
- Furthermore, developers using LLMs to generate code may not have much time to review the final output. As LLMs are not up-to-date, the generated code or imported libraries may not be protected from the latest vulnerabilities.
On that note, Boris Goncharov summarized that “despite its impressive analytical and adaptive capabilities, AI cannot single-handedly replace the need for human expertise, strategic thinking, and continuous learning in cybersecurity.”
What can you do to ensure your systems are more secure in 2024?
Our recommendations include these four action points:
- Enhance your endpoint security
Ensure that, from the get-go, it is aligned with your organization’s Zero Trust policies.
- Assess Identity and Access Management (IAM) strategies
To ensure your data and credentials are more and more secure.
- Lead information campaigns
So that your employees are aware of and up to date with the most common, relevant, and recent attack methods out there.
It’s your role to help internal stakeholders and team members understand their role in maintaining a more secure digital environment, as well as how to prevent data exposures. Also, consider introducing more cross-department security training that is adapted to the understanding of individuals.
- Improve threat detection and response
As digital assets and data are central to the operations of businesses and organizations, the potential impact of a security breach can be catastrophic, ranging from financial loss and intellectual property theft to reputational damage and legal consequences.
Extended threat detection and response enables organizations to quickly identify and neutralize threats before they can cause significant harm.
Boris Goncharov notes:
“We recommend to companies to focus on training staff about the basics of cybersecurity – how to identify phishing emails, what are safe online practices”. He also reminds organizations that they need to strategize in advance on “how to react during a cyber incident so that they can quickly and effectively deal with security breaches”.
Remember that the first line of defence against any cybersecurity attack is your organization’s stakeholders.
In the era of exponential technology, maintaining a high level of cyber hygiene should be seen as a must by companies of all industries and sizes. Thus, we, at AMATAS, have developed our infosec services with a mission not just to meet all regulatory requirements but also to protect businesses from all kinds of cyber threats.