AI-Powered Impersonation Among Kaspersky’s Advanced Threat Projections For 2024
New botnets, hacktivism and supply chain attacks are also part of the advanced threat landscape.
In 2024, advanced persistent threat actors will introduce new exploits on mobile, wearables and smart devices and use them to form botnets, refine supply chain attack methods and utilise artificial intelligence for more effective spear-phishing, cybersecurity company Kaspersky has predicted in a report. These advancements are anticipated to intensify politically motivated attacks and cybercrime, the report noted.
“In 2023, the notable surge in the availability of AI tools didn’t elude the attention of advanced malicious actors. We anticipate that upcoming trends go beyond AI implications, including new methods for conducting supply chain attacks, the emergence of hack-for-hire services, novel exploits for consumer devices, and more,” said Igor Kuznetsov, director, global research and analysis team, Kaspersky.
AI-Powered Impersonation, Rise Of Creative Exploits And New Botnets
Emerging AI tools can streamline spear-phishing message production, even enabling the mimicry of specific individuals, the report warned. Attackers may devise creative automation methods by gathering online data and feeding it to large language models to craft letters in the style of a person connected to the victim.
The report noted that threat actors will likely broaden their surveillance efforts, targeting consumer devices through vulnerabilities and silent exploit delivery methods, including zero-click attacks through messengers, one-click attacks via SMS or messaging apps and network traffic interception.
The exploitation of vulnerabilities in commonly used software and appliances is another point where enterprises must stay vigilant. High and critical severity vulnerabilities sometimes receive limited research and delayed fixes, potentially leading to new, large-scale and stealthy botnets capable of targeted attacks, the report underlined.
Growth In Cyberattacks By State-Sponsored Actors And Hacktivism
According to Kaspersky Security Bulletin, state-sponsored cyberattack numbers will potentially increase in the year ahead, amid increasing geopolitical tensions. These attacks will likely cause data theft or encryption, IT infrastructure destruction, espionage and cyber-sabotage.
Geopolitical tensions will also likely increase the trend of hacktivism, both destructive and aimed at spreading false information, leading to unnecessary investigations and alert fatigue of security operations centre analysts and cybersecurity researchers.
Other Advanced Threat Predictions For 2024
Supply Chain Attacks As A Service: The report anticipates supply chain attacks targeting smaller firms to breach major ones, with motives ranging from financial gain to espionage. New developments in dark web access market activities related to supply chains can enable more efficient and large-scale attacks.
More Groups Offering Hack-For-Hire Services: Hack-for-hire groups are on the rise, providing data theft services to clients ranging from private investigators to business rivals. This trend is expected to grow in 2024.
Kernel Rootkits: Despite modern security measures, kernel-level code execution barriers are being bypassed by APTs and cybercrime groups. Windows kernel attacks are on the rise, and the underground market for extended validation certificates and stolen code signing certificates is growing. Threat actors are increasingly leveraging bring your own vulnerable driver in their tactics, the report noted.
Managed File Transfer Systems For Advanced Attacks: IntricateMFT systems harbour security weaknesses and hence face escalating cyber threats, with adversaries eyeing financial gains and operational disruptions. Organisations should implement robust cybersecurity measures, including data loss prevention and encryption, and improve cybersecurity awareness to fortify MFT systems against evolving threats, the report recommended.