Bold(er) Cybersecurity Predictions For 2024 | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware

It’s an annual tradition around the holidays and the New Year to recap the year gone by and prognosticate on the year ahead. I considered simply sitting this year out because, frankly, the “predictions” are generally either glaringly obvious, thinly veiled marketing aligned with a company’s agenda, or both.

Identity security companies “predicting” that identity will be crucial, or mobile device security companies “predicting” an increase in cyberattacks against mobile devices aren’t really predictions. Neither are things like saying that ransomware will continue to be a threat, or that cybercriminals will continue to perpetrate attacks. My goal with this article is to break the mold—or at least bend it a bit—with bolder, less conventional forecasts for 2024.

So, here we go:

CISO: From Scapegoat To The CFO Of Data

Daniel Barber, CEO of DataGrail, likens the evolving role of the CISO to that of the CFO post-Enron. He suggests that in 2024, the CISO’s role will become crucial, akin to a CFO but for data, highlighting their importance in board-level discussions and risk management.

“Data is described as the new digital currency, signifying the importance of data in business. As such, CISOs now hold more visible roles in organizations, with increased focus on board-level reporting on risk and the secure use of technology.”

Scott Roberts, head of threat research at Interpres Security, offered this insight on the CISO role: “Part of a CISO’s job, love it or hate it, is to take the hit for the board when they get hacked, lose their job, take a nice payout and take another CISO job six months down the road. If that hit now potentially includes legal trouble and even jail time, it is going to change the role’s entire dynamic in some good ways, but also some unforeseen bad ways.”

Generative AI And LLMs: From Productivity To Peril

Yaron Kassner, Silverfort’s CTO, warns about AI’s double-edged sword. Generative AI will fuel identity-based attacks, elevating risks in AI-driven phishing and spear-phishing campaigns. AI’s rapid development intertwines with identity risks, making vigilance and advanced security measures critical.

Mainstream generative AI tools typically have guardrails in place to prevent them from being used maliciously, but those measures can be easily circumvented in many cases. “Rather than telling the tool to create an email phishing template, one only has to ask it to write a letter from a CEO asking for payment for an invoice,” points out Barracuda CTO Fleming Shi. “The slight changes in phrasing make these tools vulnerable, generally available, and extremely useful to bad actors everywhere. Because this process is so easy, 2024 will be the year that English becomes the best programming language for evil.”

Pat Arvidson, chief strategist and evangelist at Interpres Security, has a bolder take on generative AI and LLMs. “Large language models (LLMs) such as ChatGPT will be the biggest disappointment to offensive and defensive cybersecurity that we have ever seen. In fact, the ease with which threat actors can poison these models and destroy the ability to create usable code will cause the use for LLMs in cybersecurity to die within 9 months.”

Geopolitical Tension: Innovating Military Tactics And OT/ICS Targeting

Ofer Schreiber of YL Ventures notes the innovation driven by Israeli military intelligence units in cyber technologies for warfare. “Following the atrocities committed by Hamas against Israel on October 7th, 2023, many former intelligence officers have been deployed in reserve duty, inevitably inspiring many of them to use their abilities to ideate and develop novel cyber technologies to assist wartime efforts.”

With geopolitical tensions high, Rubi Aronashvili, founder and CEO of CYE expects we will see a significant increase in attempts and attacks against OT (operational technology) and ICS (industrial control systems) environments.

Aronashvili also stressed an increase use of cyberattacks as weapons of war. “They can target traditional military targets, as well as civilian infrastructure, financial systems, and communications networks. In the coming year, we will continue to see this trend as state and non-state actors seek to gain a strategic advantage or disrupt the operations of adversaries.”

Shifting Motives: Climate Hacktivism And Chaotic Threat Actors

Toby Lewis from Darktrace predicts a rise in climate change activism in cyberspace, potentially disrupting critical services like fossil fuel supplies. “With a proven willingness to have a greater physical impact to bring public awareness to their cause, 2024 could be the year we see hacktivism reach new levels of operational impact.”

Casey Ellis of Bugcrowd provided a different perspective on the shift in cyberattack motivating—suggesting a return of chaotic actors like Lulzsec and Anonymous, driven by various motivations. He points out, “Lapsu$ demonstrated that defenders have been focused on financially and state-motivated attackers, leaving open doors for those whose goal might seem ‘irrational.’ The increasing array of reasons for hacktivists to use hacking as a protest tool puts this at the top of my list for 2024.”

Quantum Computing: The Time-Traveling Threat

Dr. Adam Everspaugh of Keeper Security highlights the looming threat of quantum computing. The potential for quantum computers to crack current cryptography poses a significant risk, necessitating a shift towards quantum-resistant algorithms.

Attackers may not have these capabilities now, but they are exfiltrating data that may prove valuable in the future. “The primary attack of concern is store-and-crack, where attackers may capture and store encrypted information and web traffic now, and then when quantum computers are available, break the encryption and read the secrets that are stored.”

Jon France, CISO at ISC2, also believes that quantum computing is a concern and that quantum-safe cryptography is crucial. “Networks using quantum-safe key distribution are starting to be deployed, which is vitally important to counter the threat of compromised key distribution when quantum computers become more commercially available.”

Quishing: The Emerging QR Code Threat

QR codes are one of those things that seem uniquely engineered to be exploited and yet continue to gain momentum as a mainstream technology. Sparked initially by the Covid pandemic and the desire to minimize the spread of germs, QR codes have caught on in a myriad of ways for companies to share information—whether its store hours, current deals, or a restaurant menu.

Kern Smith of Zimperium raises the alarm on QR code phishing or “quishing.” As QR codes become ubiquitous, they also become a ripe target for cybercriminals, particularly on mobile devices. “This type of attack currently bypasses traditional web and email gateway controls, allowing attackers to easily embed a malicious URL containing custom malware into a QR code that could then exfiltrate data from a mobile device when scanned.”

National Elections: AI in Disinformation

Mick Baccio of Splunk’s SURGe predicts an increase in AI-driven disinformation, especially around national elections. “Less technologically sophisticated nations will have a lower barrier of entry to launch disinformation campaigns with AI, opening the floodgates for script kiddies to enter the cyber underworld on a global scale.”

Ryan Kovar, security strategist and leader of Splunk’s SURGe agrees that AI’s ability to generate convincing fake content could significantly impact public perception and discourse. “In light of high-profile national elections and ongoing global conflict, more nation-states will use AI to their advantage and discover new ways to execute politically motivated attacks, hacktivism, and sabotage.”

Focus On What Matters

Morgan Wright of SentinelOne suggests a shift in focus. Instead of predicting specific threats, we should ask whether we are addressing the most crucial ones. He cited Dwight Eisenhower’s philosophy and stressed that it’s the important, not just the urgent, that should command our attention.

“When it comes to cybersecurity, it’s tough to predict what will happen in the next 30 seconds, much less the next year. Instead of serving up a bevy of predictions for the end of the year, how about if we start asking tough questions to expose the gaps in our thinking and lead us to positive outcomes?”

Yes, ransomware will continue to be a major concern and cyberciminals will continue to cybercrime. Identity security vendors will continue to emphasize the importance of identity security, and mobile security companies will stress the role of mobile security as expected. Hopefully, at least some of these predictions are a little less obvious, and help you be better prepared to defend against threats in 2024.

Follow me on LinkedIn. Check out my website. 


Click Here For The Original Source.

National Cyber Security