There is every reason to believe that 2024 may be an interesting year in the cybersecurity space, making it difficult to foresee what might transpire. However, Trustwave's leadership is up to the task.
There are several issues that Trustwave already knows will be at the core of many challenges that the world will have to face next year. The most prominent of these include the massive strides taken in the use of AI and its adoption by threat actors, the US presidential election, and the ongoing Russia-Ukraine and Israel-Hamas wars.
Our predictions will be posted in two parts to make them a bit more digestible. Let's start with thoughts on AI, and the impact, if any, adversaries might have on the upcoming election cycle.
I don't know how you have a predictions conversation without talking about generative AI.
In 2024, generative AI will enter a new stage of development and adoption and begin impacting organizations differently than we have seen so far. In the coming year, it will be all about the realization of benefit, of how organizations will very quickly tap into generative AI, and we will see shifting budgets, headcounts, and priorities to take advantage of what AI has to offer.
Companies must start seriously considering AI's ethical and privacy implications and its organizational adoption and determine whether it will use generative AI for internal or external use.
Then, there are the data management issues that arise from using generative AI. Every time data is replicated, the attack surface increases, and Large Language Models (LLMs) have the ability to very quickly create and replicate data. This situation means organizations must know where all their data resides so they can secure it.
The use of AI as part of political propaganda will likely grow. Likewise, using generative AI to craft phishing, Business Email Compromise (BEC), and scams will grow. Trustwave has already extensively covered WormGPT and FraudGPT, two handy generative AI tools for cybercriminals.
Given that many cybercriminals are not native English speakers, these tools and other LLMs can be handy for crafting well-written text, which can be much more effective in tricking a target.
We may also see other uses of generative AI. For example, adversaries will create deepfakes that can generate fake audio, photos, and profiles. These tools make determining whether content is real terribly hard, almost impossible.
We will see the continued advent of the cloud, AI, and the commoditization of ransomware-type services. I can see organizations where security isn't a priority continuing to come under pressure from attackers. While none of these surprise anyone, it's a trend that will continue.
We have seen an increase in AI and its accessibility; this enhanced accessibility reduces the barrier to entry for attackers to craft and deploy malicious material – this, again, is a trend that I believe will continue.
Defenders must continue to understand their assets and conduct vulnerability scanning, pen testing, and red teaming; they need to focus on reducing impact should an event happen – defense in depth being key.
Will there be any cyber activity centered on the US election? Yes. Yes. Yes. Lastly, yes. The political climate is in unchartered waters in the US. Election databases were leaked in the past, and one can only assume that an attempt or possible success will happen again. The influence of AI, with its ability to spread disinformation via deep fakes is likely to continue to escalate.
Deep fakes and other misinformation are already happening today, granted more as a parody, and not intended to cause harm. Still, this activity shows that many people do not check for authenticity, and what they see on their phones and social media becomes their source of the truth.
This fact alone will create an environment that is very susceptible to spreading misinformation and will encourage nation-states to interfere, if possible.
With the upcoming elections in the US, there is a heightened risk of cyberattacks targeting electoral systems, voter databases, and election infrastructure.
We have seen this before. For example, in 2019, Iranian hackers attempted to disrupt the UK general election by targeting electoral infrastructure.
Here are a few types of cyberattacks against that threat actors can deploy to influence elections: