Industry executives and experts share their predictions for 2024. Read them in this 16th annual VMblog.com series exclusive.
Countdown to 2024 – A New Era of Cyberattacks
By Patrick Harr, CEO of SlashNext
In 2023, cybercriminals continued to move with speed and at scale, delivering new and even more sophisticated cyberattacks than the year before. The recent advance of generative AI has only accelerated this, putting organizations’ security postures at critical risk. With the new year right around the corner, here are a few trends and predictions about cyber threats companies should be aware of to keep their organizations safe.
Beware the Weaponization of Generative Artificial Intelligence in 2024
The top threat this year and going forward involves the weaponization of generative AI to drive more sophisticated phishing attacks, and how we will address that concern from a security standpoint. We know that human training is not enough to prevent business email compromise (BEC) attacks from succeeding. According to the FBI's Internet Crime Report, BEC alone accounted for approximately $2.7B in losses in 2022, and another $52M in losses from other types of phishing. With rewards like this, cybercriminals are increasingly doubling down on phishing and BEC attempts - and generative AI is only further greasing the wheels.
In 2024 we will see more, not less, of such human compromise attacks, and they will be far more sophisticated and targeted due to the use of gen AI. We will need to rethink our roadmaps as to how we can counter this problem. We should expect gen AI-based attacks to become more prevalent and targeted, and unfortunately more successful. The attackers are moving from a spray-and-pray approach that relied on high-volume phishing emails to targeting people with specific information about someone's identity, bank account or personal details, which makes the scams much more convincing.
We will see a significant increase in both the targeted nature of these social engineering attacks and their sophistication, and ultimately their success. Email will continue to be the top threat vector, but we are seeing these attacks anywhere now, including text messages, voice messages, work collaboration tools like Slack, and social media. Anywhere you can get messaged, on both the personal and business side, you can get attacked.
Highly Targeted Attacks Created with Gen AI and Personal Information
Phishing and BEC attacks are becoming more sophisticated because attackers are using personal information pulled from the Dark Web (stolen financial information, social security numbers, addresses, etc.), LinkedIn and other internet sources to create targeted personal profiles that are highly detailed and convincing. They also use trusted services such as Outlook.com or Gmail for greater credibility and legitimacy. And finally, cybercriminals have moved to more multi-stage attacks in which they first engage by email, but then convince victims to speak or message with them over the phone, where they can create more direct verbal trust, foster a greater sense of urgency, and where victims have less protection. They are using AI to generate these attacks, but often with the goal to get you on the phone with a live person.
We should also expect the rise of 3D attacks, meaning not just text but also voice and video. This will be the new frontier of phishing. We are already seeing highly realistic deep fakes or video impersonations of celebrities and executive leadership. As this technology becomes more widely available and less expensive, criminals will leverage it to impersonate trusted contacts of their intended victims. In 2024 we will assuredly see a rise of 3D phishing and social engineering that combines the immersion of voice, video, and text-based messages.
The Rise of Quishing and QRLJacking
Another new twist involves the malicious use of QR codes, including quishing and QRLJacking. QR codes, or quick response codes, have become ubiquitous in recent years. Quishing adopts phishing techniques to manipulate QR codes for cyberattacks.
A typical quishing attack involves the attacker generating a QR code embedded with either a phishing link or a malware download, which is distributed through phishing emails, ads, social media, restaurant menus, posters, etc. In August 2023, researchers uncovered a phishing campaign that used malicious QR codes to target large companies, including a major U.S. energy firm. Similarly, QRLJacking, or quick response code login jacking, is a social engineering method that exploits the "login with QR code" feature used by many apps and websites, which can lead to full account hijacking.
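The defensive takeaway from the quishing description above is that a QR code in an inbound message is just a link (or other payload) wearing a disguise, so once the image has been decoded it should go through the same URL triage as a clickable link. The following Python is an added example written for this page, not code from the article or from SlashNext; it assumes the QR image has already been decoded to text by some QR library and takes the decoded string as input. The allowlist, the shortener list and every sample payload are constructed for illustration and use reserved example domains.

```python
from dataclasses import dataclass
from urllib.parse import urlsplit

# Constructed list of link-shortening hosts; extend it for your own environment.
URL_SHORTENERS = {"bit.ly", "tinyurl.com", "t.co", "is.gd"}

# Reasons that should stop the link from being presented to the user at all.
HARD_BLOCK_REASONS = {
    "credentials embedded in URL",
    "punycode host",
    "URL shortener hides destination",
    "URL without host",
    "unparseable URL",
}


@dataclass
class Finding:
    payload: str
    verdict: str       # "allow", "review" or "block"
    reasons: list


def triage_qr_payload(payload: str, allowed_domains: set) -> Finding:
    """Classify one decoded QR payload the way a mail gateway would classify a link.

    allowed_domains: registrable domains the organisation considers its own
    (a host matches if it equals the domain or is a subdomain of it).
    """
    text = payload.strip()
    try:
        parts = urlsplit(text)
        host = (parts.hostname or "").lower()
    except ValueError:
        # e.g. an unbalanced IPv6 bracket; never hand a link we cannot parse to a user
        return Finding(text, "block", ["unparseable URL"])

    scheme = parts.scheme.lower()
    if scheme not in ("http", "https"):
        # WIFI:, mailto:, plain text, vCard, etc. are not web links; keep them for
        # a human to look at rather than treating them as a browsable URL
        return Finding(text, "review", ["non-web payload"])

    reasons = []
    if not host:
        return Finding(text, "block", ["URL without host"])
    if parts.username is not None:
        # "https://support@portal.example.net" displays a misleading prefix
        reasons.append("credentials embedded in URL")
    if scheme == "http":
        reasons.append("plain http")
    if any(label.startswith("xn--") for label in host.split(".")):
        # internationalised labels can render as look-alikes of a trusted brand
        reasons.append("punycode host")
    if host in URL_SHORTENERS:
        reasons.append("URL shortener hides destination")
    if not any(host == d or host.endswith("." + d) for d in allowed_domains):
        reasons.append("host not on allowlist")

    if not reasons:
        verdict = "allow"
    elif HARD_BLOCK_REASONS & set(reasons):
        verdict = "block"
    else:
        verdict = "review"
    return Finding(text, verdict, reasons)


def triage_batch(payloads, allowed_domains: set):
    """Triage a list of decoded payloads, e.g. everything decoded from one email."""
    return [triage_qr_payload(p, allowed_domains) for p in payloads]


# Constructed sample payloads, as a QR decoder would return them from images in an email.
SAMPLE_PAYLOADS = [
    "https://intranet.example.com/hr/benefits",
    "http://hr-portal.example.org/verify",
    "https://bit.ly/3xyzQR",
    "https://support@portal.example.net/auth",
    "https://xn--exmple-cua.com/login",
    "WIFI:T:WPA;S:GuestNet;P:secret;;",
]

if __name__ == "__main__":
    for f in triage_batch(SAMPLE_PAYLOADS, {"example.com"}):
        print(f"{f.verdict:6}  {f.payload}  {'; '.join(f.reasons)}")
```

In a gateway this classifier would sit after the image-to-text step and before link rewriting, so that "block" findings never reach the inbox as a scannable code and "review" findings are routed to the same sandbox or analyst queue as any other suspicious link.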
Long-Range Concerns About Nation-States and Even Self-Aware Bots
It may sound like the plot of a science fiction thriller, but soon we absolutely will see the rise of generative AI-fueled malware that can essentially think and act on its own. This is a threat the U.S. should be particularly concerned about coming from nation-state adversaries. We will see attack patterns that get more polymorphic, meaning the artificial intelligence carefully evaluates the target environment and then thinks on its own to find the ultimate hole into the network, or the best area to exploit, and transforms accordingly. Rather than having a human crunching code, we will see self-learning probes that can figure out how to exploit vulnerabilities based on changes in their environment.
The final piece is the use of AI by nation-states for surveillance and espionage, and ultimately to become the arbiter of the truth for thought control. If the source of an AI answer is unknown and opaque, but the public is only given that one answer by the arbiter of truth, then the leadership can always give you what they want you to know or hear - and now you have thought control.
By applying large language models (LLMs) with computer vision tools and natural language processing, we will see rapid development as we move toward more self-aware bots. That presents the classic philosophical sci-fi question of where humans fit in with these super smart machines. As a result, we will see the use of these AI tools for more nefarious purposes that are increasingly more targeted and successful.
Bad actors will be able to do these things at scale with near zero cost, so companies will need to rethink their security roadmaps and the tooling they have used historically. This brings up the common theme of "shift left" in security, meaning building defense right into the code by conducting testing in the software development phase. Security is a multi-layered discipline to protect code throughout its lifecycle, so it is better to build security upstream to protect against downstream exploits.
The second big change is that everything in security needs to become more human ID-centric rather than network-centric. At the end of the day, we are far better off providing access through human identity-centric methods and using AI to make that human a super-human. So rather than relying on a training simulation approach for users, we can rely on AI augmentation for that, so users don't have to be tricked into clicking on bad phishing links, for example.
We have to shift our posture from a network-centric to a human-centric security posture. We will put an AI bubble around the user to become a super-human with an extra pair of computer vision eyes, and an ability to listen with spoken language contextualization by using AI. Everyone has talked about a personal co-pilot to help from a security posture, and we will see the rise of these AI co-pilots to augment humans and help users make the best decisions.
This problem will not go away and will only get worse. Anywhere there is money and opportunity and data, which is across every industry, there will be attacks. This is a horizontal problem for all industries, not a vertical problem. The bad guys will always look for wherever the most sensitive data is based to target their attacks.
## ABOUT THE AUTHOR
Patrick Harr, CEO SlashNext
SlashNext CEO Patrick Harr directs a workforce of security professionals focused on protecting people and organizations from phishing anywhere. Before joining SlashNext, Harr was CEO of Panzura, which he transformed into a SaaS company and led to a successful acquisition in 2020. Harr has also held senior executive and GM positions at Hewlett-Packard Enterprise, VMware, and BlueCoat, and he was the CEO of multiple security and storage start-ups. While at HPE, Harr scaled the Americas cloud business 19X and generated over $1.5B in revenue in five years. He has extensive startup and Fortune 500 vendor experience across cloud, storage, security, and networking. Harr received his MBA from the University of Maryland and a BA from Tulane University in Political Economy and Russian.