In 2023, there were significant advancements and attacks in the field of cyber security that garnered global attention. Looking ahead to 2024, we can expect to see an increase in sophisticated phishing campaigns that utilize artificial intelligence (AI) capabilities, leading to more frequent and advanced attacks. Already in 2024, there have been several breaches and attacks, including ‘bespoke phishing lures’ targeting Microsoft employees.
One key trend as we transition from 2023 to 2024 is the automation of cyber attacks and how attackers can combine and automate multiple steps in the traditional kill chain. Unfortunately, this trend is expected to continue, with attackers automating the creation and selection of phishing attacks based on a user’s open-source intelligence (OSINT) information. They will also automate the sending of the attack, request and validate the multifactor authentication (MFA), and validate the compromise to carry out further attacks.
Cyber criminals will leverage AI to obtain OSINT through scraping social media profiles in a matter of seconds, or by using AI-powered software to generate persuasive messages and create payloads, speeding up the delivery of attacks. This reduction in attacker participation allows for more sophisticated targeted attacks, raising the bar for successful attacks without requiring significant time, money, or effort from the threat actors. It is crucial that there is governance around the use of AI tools and ethical considerations in their deployment.
Another area that will come to the forefront in 2024 is the security of AI systems themselves, which are designed to protect organizations. Attackers are finding ways to exploit these systems, teaching them to perceive their attacks as “safe” and bypassing the technology controls put in place. This evolution in attacks targets both the technology and the machine learning algorithms behind it. Attackers will employ creative techniques to make it difficult for natural language processing (NLP) and linguistic checks to detect malicious content in emails, such as using invisible characters, lookalike characters, and images to evade traditional NLP scanning methods. Additionally, more attacks will likely come through encrypted emails that security solutions struggle to scan, and there may be an increase in password-restricted payloads that remain hidden initially.
Supply chain threats have also evolved over the years, with attackers compromising business accounts to target new victims and bypass authentication and trust-based protection systems. In 2024, this trend is expected to expand on a larger scale, using compromised accounts of individuals already known to an organization and its users. This approach offers many advantages to threat actors, including a ready-made list of potential targets, higher success rates, and an easier path into more secure organizations that may be challenging to target directly.
Furthermore, cyber attacks are becoming more sophisticated by utilizing multiple channels to appear legitimate. For example, victims may receive a QR code in an email, followed by a text message, replicating the multi-channel methods commonly used in marketing and multi-factor authentication. This trend is predicted to grow in 2024, with messaging apps like WhatsApp and Signal potentially becoming targets due to their lower security systems compared to email.
As we enter 2024, it is important to anticipate the increasing frequency and sophistication of cyber attacks, with cybercriminals leveraging new tools to evade detection. Staying aware of these risks and prioritizing security measures and awareness training will be crucial in staying ahead in the cybersecurity landscape.