Virtualization Technology News and Information
Article
RSS
Vectra AI 2024 Predictions: Accurate and Rapid Signals will be Key to Move at the Speed of Hybrid Attackers

vmblog-predictions-2024 

Industry executives and experts share their predictions for 2024.  Read them in this 16th annual VMblog.com series exclusive.

Accurate and Rapid Signals will be Key to Move at the Speed of Hybrid Attackers

By Christian Borst, CTO and EMEA of Vectra AI

This new year, attackers will set the tone of being innovative when it comes to deploying more human-centric and sophisticated attacks - like mixing and matching stolen Digital Identities. For the defenders, more evasive attackers means more rules, which means more alerts. And more alert rules to tune and maintain means more tedious work for heavily sought-after, highly skilled experts. This ‘spiral of more' is giving hybrid attackers the upper hand. In the coming year, organizations must prioritize accurate and rapid signals, to enable security operations teams focusing on added-value activity to move at the speed of hybrid attackers. This will enable the organization to achieve the much needed business resilience - a cornerstone of success in our digital world.

Here are three cybersecurity predictions that I believe will come to the forefront of the industry in the coming year.

Threat actors will mix and match digital identities to cause high-profile breaches

This year, a surge in credential harvesting attacks - like the Citrix NetScaler flaw and September's casino cyber attacks - means cybercriminal groups are sitting on millions of potential logins. In 2024, we'll see stolen credentials used to compromise digital identities and breach enterprises more successfully than ever before.

In the past, stolen credentials may have gotten threat actors into a handful of corporate accounts, but most wouldn't give them admin rights or privileged access to steal sensitive data. However, as enterprises use more cloud services, third party software, and open APIs in 2024, each account will give users varying degrees of privilege. Each source on its own may not seem like a big deal, but we will see cybercriminals mix and match their stolen access to get hold of sensitive data and breach organizations.

To protect against a flood of cloud-based account hijacks, organizations must improve their visibility into cloud environments so they can bolster resilience and spot attacks before they become a breach.

Widespread LLM usage will fade away, but deep fakes will skyrocket

Many organizations are exploring ways to use Large Language Models (LLMs) following the wave of hype this year. But when you scratch beneath the surface, it's clear the novelty factor will soon evaporate. LLMs are typically quite difficult to use, because they are unable to understand context or provide reliable outputs, so the wider practical use of LLMs is restricted for now. Next year, we will therefore see businesses scale back their use of LLMs as they wait for these tools to become more functional and user-friendly.

Threat actors will face the same issues with using LLMs, so we likely won't see much complex activity like AI generating malicious code. But, we can expect cybercriminals to harness generative AI to create more realistic and sophisticated deep fakes. This will give them a better chance of tricking users into giving up sensitive data or clicking on something malicious through more convincing audio or visual phishing lures.

The cost-of-living crunch will push cybercriminals to do more with less

In 2024 slowing economic growth will continue to impact both cybercriminals and cyber defenders. Both sides will be focusing on how to do more with less. Many cyber defenders will look to harness AI to reduce strain on staff and increase resilience. At the same time, we will see attackers consolidate their operations to target low hanging fruit. From a practical standpoint, this means phishing will likely remain a primary method of attack. But cybercriminals will also automate processes where possible to save on time and resources, whether it's by using pre-packaged cybercrime tools or harnessing generative AI to support with crafting phishing lures.

Businesses are facing an uphill battle when it comes to defending against security threats in 2024, as we will see cybercriminals continue to leverage generative AI and new sophisticated methods to conduct attacks. However, those who prioritize the efficacy of their signal will be equipped with the knowledge to move at the pace of hybrid attackers and will have the upper hand in defending themselves against cybercriminals.

##

ABOUT THE AUTHOR

Christian Borst 

Christian Borst, EMEA CTO at Vectra AI has more than 15 years of experience in IT and Cyber Security. Before joining Vectra AI in 2022 he built and executed the global cyber security strategy for Richemont - a leading luxury goods group. As a former consultant and current Advisory Board & Board Member, he is actively engaged in the cyber security community across different countries & industries. He holds a university degree from Freiburg University in Computer Science specializing in AI & Psychology.

Published Monday, December 18, 2023 7:36 AM by David Marshall
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
Calendar
<December 2023>
SuMoTuWeThFrSa
262728293012
3456789
10111213141516
17181920212223
24252627282930
31123456