As we approach 2024, the cybersecurity community is bracing itself for an exponential increase in the use of Artificial Intelligence (AI) across the board. For those who are already fatigued by the AI hype cycle, fasten your seatbelts, because we haven’t seen anything yet. The stage is set for an eventful year ahead, as AI transforms both offense and defense. Here are our cybersecurity predictions for the coming year.
On the offensive side, powerful AI-driven tools will generate new cyber threats and deceptive content, faster and on a much broader scale. Attackers and defenders will both race to weaponize AI, ushering in a new era of sophisticated threats and defenses powered by machine learning. Cybercriminals are already leveling up their efforts to launch sophisticated AI attacks. In 2024, we can expect to see deepfakes that are indistinguishable from reality, and spear phishing attacks that will fool even the most vigilant among us.
As AI becomes even more mainstream, security teams will also experience extreme pressure to deploy new delivery models. Chief Information Security Officers will undertake a delicate balancing act, racing to enable AI innovation while simultaneously ensuring robust protections are built-in by design. AI security will emerge as a top priority, much like mobile security during the Bring Your Own Device era. The cat-and-mouse game will intensify, but with careful planning and responsible AI adoption, cyber defenders can gain an edge over attackers.
Nation-state cyber activity is expected to surge around the upcoming POTUS election, targeting infrastructure in an attempt to influence the outcome through disinformation campaigns and other tactics. In addition, there will be a wave of espionage and information theft. Think James Bond, but with more keyboards and fewer martinis. The election will be a prime target, with everything from disinformation campaigns to direct attacks on election infrastructure.
We anticipate that the coming year is also going to be fraught with geopolitical situations, and they will likely become increasingly intertwined with hacking events. We can expect to be overwhelmed by the sheer amount of news coming out about Advanced Persistent Threats intended to gain intelligence or disrupt adversary infrastructure. We’ll also continue to see activity from ideological hacktivist groups such as Volt Typhoon, the IT Army of Ukraine, and the hackers behind the recent attacks on Israeli-manufactured water Programmable Logic Controllers.
Wartime cyber operations are unlikely to cease, even if peace treaties are signed and kinetic conflicts end. State and non-state actors have heavily invested in offensive cyber capabilities, and they already have a chest full of perishable vulnerabilities ripe for exploitation in the aftermath.
Back-office software will continue to be a popular target for financially motivated threat actors. On the heels of 2023, the year of file transfer tool hacks, other types of B2B software have come into threat actors’ sights. Many of these systems are improperly exposed to the Internet, providing a relatively simple initial access vector.
Ransomware will also continue unabated until the infrastructures supporting it disappear. Cybercriminals will keep using tried-and-tested social engineering tactics as long as organizations and individuals remain vulnerable. Tighter cyber insurance policies will raise the stakes further.
In 2024, organizations will be forced to be more transparent about their cyber breaches, driven by regulatory changes (and a spate of punishing breaches at well-recognized organizations).
Finally, this will be the year that Deception Engineering is added to the enterprise security stack. As cybercriminals continue to evolve their strategies, enterprises will increasingly adopt deception engineering techniques to better understand their security vulnerabilities and protect their assets. We are already seeing rising interest in honeypots at local conference talks, and the concept of canaries is becoming central to Endpoint Detection and Response programs. Enterprise interest in deception technology will grow in the coming year because it illustrates how secure assets are most easily exploited and who wants them. Security teams will be looking for new ways to drive efficiency, minimize false alerts, and identify legitimate threats.
The author, Bob Rudis, is Vice President, Data Science at GreyNoise Intelligence.