Trustwave SpiderLabs Uncovers Ov3r_Stealer Malware Spread via Phishing and Facebook Advertising. Learn More

Trustwave SpiderLabs Uncovers Ov3r_Stealer Malware Spread via Phishing and Facebook Advertising. Learn More

Services
Capture
Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

twi-managed-portal-color
Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

twi-briefcase-color-svg
Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

tw-laptop-data
Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

twi-database-color-svg
Database Security

Prevent unauthorized access and exceed compliance requirements.

twi-email-color-svg
Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

tw-officer
Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

tw-network
Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

Solutions
BY TOPIC
Microsoft Exchange Server Attacks
Stay protected against emerging threats
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Security Operations Platform
Trustwave Security Colony
Partners
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats

Trustwave 2024 Cybersecurity Predictions: Artificial Intelligence and the US Presidential Election

There is every reason to believe that 2024 may be an interesting year in the cybersecurity space, making it difficult to foresee what might transpire. However, Trustwave's leadership is up to the task.

 

There are several issues that Trustwave already knows will be at the core of many challenges that the world will have to face next year. The most prominent of these include the massive strides taken in the use of AI and its adoption by threat actors, the US presidential election, and the ongoing Russia-Ukraine and Israel-Hamas wars.

 

Our predictions will be posted in two parts to make them a bit more digestible. Let's start with thoughts on AI, and the impact, if any, adversaries might have on the upcoming election cycle.

 

Kory Daniels, Trustwave CISO

 

I don't know how you have a predictions conversation without talking about generative AI.

 

In 2024, generative AI will enter a new stage of development and adoption and begin impacting organizations differently than we have seen so far. In the coming year, it will be all about the realization of benefit, of how organizations will very quickly tap into generative AI, and we will see shifting budgets, headcounts, and priorities to take advantage of what AI has to offer. 

 

Companies must start seriously considering AI's ethical and privacy implications and its organizational adoption and determine whether it will use generative AI for internal or external use. 

 

Then, there are the data management issues that arise from using generative AI. Every time data is replicated, the attack surface increases, and Large Language Models (LLMs) have the ability to very quickly create and replicate data. This situation means organizations must know where all their data resides so they can secure it.

 

Ziv Mador, VP, Security Research, Trustwave SpiderLabs 

 

The use of AI as part of political propaganda will likely grow. Likewise, using generative AI to craft phishing, Business Email Compromise (BEC), and scams will grow. Trustwave has already extensively covered WormGPT and FraudGPT, two handy generative AI tools for cybercriminals. 

 

Predict-AI-Blog-1TClick on the image above to view a webinar on Trustwave SpiderLabs’ recent findings on ChatGPT.

 

Given that many cybercriminals are not native English speakers, these tools and other LLMs can be handy for crafting well-written text, which can be much more effective in tricking a target. 

 

We may also see other uses of generative AI. For example, adversaries will create deepfakes that can generate fake audio, photos, and profiles. These tools make determining whether content is real terribly hard, almost impossible.

 

 

Ed Williams, VP of Trustwave SpiderLabs EMEA  

 

We will see the continued advent of the cloud, AI, and the commoditization of ransomware-type services. I can see organizations where security isn't a priority continuing to come under pressure from attackers. While none of these surprise anyone, it's a trend that will continue. 

 

We have seen an increase in AI and its accessibility; this enhanced accessibility reduces the barrier to entry for attackers to craft and deploy malicious material – this, again, is a trend that I believe will continue. 

 

Defenders must continue to understand their assets and conduct vulnerability scanning, pen testing, and red teaming; they need to focus on reducing impact should an event happen – defense in depth being key. 

 

 

2024 Elections

 

 Bill Rucker, President, Trustwave Government Solutions

 

Will there be any cyber activity centered on the US election? Yes. Yes. Yes. Lastly, yes. The political climate is in unchartered waters in the US. Election databases were leaked in the past, and one can only assume that an attempt or possible success will happen again. The influence of AI, with its ability to spread disinformation via deep fakes is likely to continue to escalate.

 

Deep fakes and other misinformation are already happening today, granted more as a parody, and not intended to cause harm. Still, this activity shows that many people do not check for authenticity, and what they see on their phones and social media becomes their source of the truth. 

 

This fact alone will create an environment that is very susceptible to spreading misinformation and will encourage nation-states to interfere, if possible.

 

Ed Williams

 

With the upcoming elections in the US, there is a heightened risk of cyberattacks targeting electoral systems, voter databases, and election infrastructure. 

 

We have seen this before. For example, in 2019, Iranian hackers attempted to disrupt the UK general election by targeting electoral infrastructure.

 

Here are a few types of cyberattacks against that threat actors can deploy to influence elections:

  1. Distributed Denial-of-Service (DDoS) Attacks: These attacks aim to overwhelm election websites and systems with traffic, making them unavailable to voters and election officials.
  2. Malware Attacks: Hackers could install malware on election systems to manipulate voter registration data, change election results, or even shut down voting machines.
  3. Disinformation Campaigns: Hackers could spread false or misleading information about elections through social media, email, and other online channels. This activity could confuse voters and undermine public confidence in the electoral process.

 

Predict-AI-Blog-2Click the image to download the report now!

 

Latest Trustwave Blogs

Defending Healthcare Databases: Strategies to Safeguard Critical Information

The healthcare sector continues to be a primary target for threat actors, with 2023 seeing a record number of data breaches and compromised records. While successful attacks are inevitable, it’s...

Read More

Trustwave SpiderLabs: Ransomware Gangs Dominate 2024 Education Threat Landscape

The security teams manning the defenses at the higher education and primary school system levels often find themselves being tested by threat actors taking advantage of the sector's inherent cyber...

Read More

LockBit Takedown: Law Enforcement Disrupts Operations, but Ransomware Threats Likely to Persist

The news that US, UK, and other international law enforcement agencies disrupted LockBit is welcome, as stopping any threat group activity is always a positive. The unfortunate aspect is this blow...

Read More