Download this article in PDF fromat.
Growing cyber-threats against vulnerable systems are creating significant financial impacts for organizations operating in today’s digital world. Cyberattacks may also damage a company’s reputation, leading to a loss of customer trust, diminished brand value and challenges attracting new customers, investors and business partners.
In 2023, Qualys says 26,447 vulnerabilities were disclosed, up from 25,050 the previous year. The company’s historical charts, which date back to 2000, indicate a fairly consistent increase in the number of security vulnerabilities over time. In 2023, the most common “attack” methods included proof-of-concept exploit code; weaponized exploit code; and malware and ransomware, among others.
In December alone, IT Governance USA says that there were 443 publicly-disclosed global security incidents and that 1,613,496,782 were breached within that 31-day period. In response to these and other reports of increasing cybercrimes, more companies are taking steps to lock down their data, educate their employees and secure their systems in a way that helps to keep those applications safe from the “bad actors.”
“In today’s computerized world, new risks emerge every hour of every day. Connecting to the Internet opens up the possibility of a hacker targeting your organization,” the International Federation of Accountants (IFAC) cautions. “Cybercrime is becoming big business and cyber risk is a focus of organizations and governments globally. Monetary and reputational risks are high if organizations don’t have an appropriate cybersecurity plan.”
Key Developments to Watch
In its recently-released Google Cloud Cybersecurity Forecast 2024, the technology company’s security leaders brainstormed together and came up with a laundry list of cybersecurity-related predictions. “These individuals are regularly on the frontlines of the latest and largest attacks, and know what organizations and security teams need to be thinking about in the coming year,” Google points out in its report.
Here are three of several key developments that Google is watching as we move further into 2024:
- Improved, professionalized and scaled phishing. Google predicts that generative artificial intelligence (AI) and large language models (LLMs) will use phishing, SMS text and other social engineering operations to make the content and material (including voice and video) appear more legitimate. “Misspellings, grammar errors, and lack of cultural context will be harder to spot in phishing emails and messages,” Google cautions. Using gen AI, for example, attackers may be able to execute these attacks at scale. “If an attacker has access to names, organizations, job titles, departments, or even health data, they can now target a large set of people with very personal, tailored, convincing emails,” the company adds.
- Scalable information operations. A clever gen AI prompt will be all attackers need to create fake news, fake phone calls that will actively interact with recipients, and deepfake photos and videos based on gen AI-created fake content. “We judge that such gen AI technologies have the potential to significantly augment information operations—and other operations such as intrusions—in the future, enabling threat actors with limited resources and capabilities,” Google explains, “similar to the advantages provided by exploit frameworks such as Metasploit or Cobalt Strike.
- Gen AI and LLMs as a service… for attacks. Google predicts that LLMs and other gen AI tools will be developed and offered “as a service” to assist attackers with target compromises. “They will be offered in underground forums as a paid service, and used for various purposes such as phishing campaigns and spreading disinformation,” the company reports. “We’ve already seen attackers have success with other underground as a service offerings, including ransomware used in cybercrime operations.”
In conclusion, Google advises all organizations to prepare for “global activity around the myriad major events being held throughout 2024, including the U.S., European Parliament and other elections, as well as the Summer Olympics in Paris.” Additionally, the company says incidents of “disruptive hacktivism” may increase as a result of ongoing global conflicts.