Disinformation during elections, intensified cyber attacks from Russia, and increasingly high-quality phishing emails – these are the main phenomena that, in the opinion of Leszek Tasiemski, vice president of WithSecure, will shape the landscape of cyber threats in 2024. Artificial Intelligence will grant hackers the ability to act faster once security vulnerabilities are exposed.
Geopolitical Risks are More Serious Than Before
The global geopolitical situation is complicated and unstable. This, of course, also affects the landscape of cyber threats. From the perspective of Poland, Russia remains the most serious threat. We can expect intensified DDoS (Distributed Denial of Service) attacks where a group of computers are used to ‘bombard’ a single target, such as a website, simultaneously. There could also be disruptions to connectivity caused by interference with physical pieces of infrastructure, such as undersea fibre-optic cables. This won’t cause a mass digital blackout, but it could disrupt network operation. Russia is a country that has not much to lose in its interactions with the West. Cybercriminal gangs will likely not be pursued there – on the contrary, they may have an increasingly broad field for impunity. In the future, Russia may even follow North Korea’s footsteps, which funds state operations through cybercrime, (including with the help of the Lazarus group).
Deepfake Also in the Political World
2024 will be an election year in many countries. A president will be elected in the United States and there will also be an election to the European Parliament. Therefore, we should expect disinformation campaigns on an unprecedented scale, using previously unavailable techniques, such as deepfakes. This is one of the revolutionary achievements of the latest AI algorithms, which allow the generation of audio or video materials that can essentially mimic any person. Especially during pre-election periods or in times of social tension, it’s an excellent tool for spreading disinformation and conducting effective influence campaigns. Thus, the role of reliable journalism and a critical approach to sensational information appearing in social media becomes critical.
Artificial Intelligence Used in Phishing Attacks
ChatGPT service was the first to show the possibilities of generating natural text by a machine in a simple and easily accessible way. Generative AI, such as ChatGPT, is a very useful tool for phishing attacks. Messages can be generated quickly, massively and customized to each recipient, in different languages. They are also stylistically developed. Therefore, you should prepare for a future when phishing messages will be indistinguishable from those sent by real institutions.
Less Time for Secure Patching of Vulnerabilities
Updates of any software, from the web browser to the one managing car operation, usually contain so-called security patches. Currently, a few days usually pass from the moment information about an application’s vulnerability is published until it’s exploited by criminals. They have to manually modify malicious software to exploit new security vulnerabilities. This time buffer allows users or companies to update all devices and programs. But modern algorithms can automate the process of cybercriminals, making them ready to attack a newly revealed vulnerability much faster, leaving users less time to install updates.
Blackmail Concerning Stolen Data
There has been a notable shift in tactics used by criminal groups using ransomware. Initially, hackers limited themselves to encrypting data and demanding a ransom for its recovery. But as victims pay ransom less frequently, gangs changed tactics, and now besides encrypting data, they steal it and demand payment not just for decryption, but primarily for not publishing it. This increases pressure on victims and the chances of reaping financial benefits. Keep in mind that, regardless of whether they receive a ransom or not, gangs can still monetize stolen information, for example, by selling it to competitors or by blackmailing customers. In some cases, this can even lead to a company’s bankruptcy – such was the case of the Finnish psychotherapy clinic Vastaamo in 2020. Data of about 30,000 customers was stolen from it, and the criminals later blackmailed these customers, ultimately leading to the clinic’s bankruptcy.
“Old” Risk Factors are Still Relevant
New solutions added to the company IT architecture usually complement the ones already in use, but they do not replace them. Hence, although new methods of attack are emerging, the old ones remain effective. Many hacking techniques, such as those that exploit network protocol vulnerabilities or email, still work, despite not having significantly changed over the last 15-20 years.