High-profile cyberattacks and data breaches during 2023 highlighted the need for businesses to have strong cybersecurity measures in place at all times, and it’s an issue that will become even more critical in 2024.
The evolving attack vectors and strategies used by cybercriminals mean that protective tools and processes need to be constantly monitored and updated. It’s also important for security teams to be aware of new threats and techniques and take the steps necessary to protect against them.
As 2024 unfolds, six of the key trends predicted to shape the cybersecurity landscape are:
1) Increasing QR code use will lead to a rise in attacks:
Quick response (QR) codes have been around for many years. However, their popularity has recently increased, and growing numbers of people now use them. Unfortunately, the convenience of QR codes is training people to do the very thing that cybersecurity professionals say they should never do: click on a random link without knowing where it will take them.
Because they are widely used and often posted in public places, it’s easy for an attacker to alter a QR code and send users to a different web address. For this reason, it is likely a significant QR-related breach will occur during the coming year.
2) Cybercriminals use prompt engineering to trick LLMs:
The public launch of ChatGPT in late 2022 pushed Large Language Models (LLMs) into the mainstream. LLMs can undertake many tasks, from drafting documents to having virtual conversations with users. Threat actors and trolls love to turn benign emerging technologies into weapons for their own nefarious purposes and amusement. The same LLMs that might help you draft a paper could also help criminals write a very convincing social engineering email.
While their work is not exactly traditional hacking, “prompt engineers” have been working diligently in the shadows to develop techniques that effectively nudge LLMs out of their “sandbox” and into more dangerous waters where they can chart a course of their own with greater potential to yield malicious results. The potential scale of the problem gets scary when you consider that more and more organisations are trying to harness LLMs to improve their operational efficiency.
However, using a public LLM for tasks dependent on your proprietary or otherwise private data can put that data at risk. Many public LLMs retain input data for training purposes, which means you’re trusting the LLM vendor to store and protect it. While a traditional breach that exposes that raw data is still possible, we believe threat actors may target the model itself to expose training data. During 2024, we forecast that a smart prompt engineer, whether a criminal attacker or researcher, will crack the code and manipulate an LLM into leaking private data.
3) MSPs will turn to automation to meet client demands:
The skills shortage that has plagued the IT security sector for years shows no sign of abating. For this reason, increasing numbers of organisations are turning to managed service providers (MSPs) with security capabilities for support.
To deal with the surging demand, MSPs will increasingly make use of unified security platforms with heavy automation (AI/ML) to lower their cost of operations. This will also help to overcome the difficulty faced when looking to fill cybersecurity positions.
4) AI spear phishing tool sales boom on the Dark Web:
In 2024, we will see a boom in an emerging market for automated spear phishing tools, or a combination of tools, on the dark web. Spear phishing is one of the most effective tools attackers have to breach networks. However, traditionally it has also required the most manual work to research and target victims. There are already publicly available tools for sale on the underground to send spam email, automatically craft convincing, targeted text when equipped with the right prompts, and scrape the Internet and social media for a particular target’s information and connections. However, a lot of these tools are still manual and require attackers to target one user or group at a time. Well-formatted procedural tasks like these are perfect for automation via AI/ML. During 2024, we expect to see at least one AI/ML-based tool that helps automate spear phishing show up for sale on the underground.
5) AI-based ‘vishing’ attacks will accelerate:
Voice-based phishing, or ‘vishing’, occurs when a scammer calls and pretends to be a reputable company or organisation, or even a co-worker, and asks for anything from money to access credentials.
The only thing holding back incidents of this attack has been the reliance on humans. While VoIP and automation technology make it easy to mass dial thousands of numbers and leave messages, once victims have been baited to get on the line, a human scammer must take over the call to reel them in.
In 2024, a combination of convincing deepfake audio and large language models (LLMs) capable of carrying on conversations with unsuspecting victims will greatly increase the scale and volume of vishing calls.
6) VR / MR headsets will be used to gather data about the location of users:
Virtual and mixed reality (VR/MR) headsets are finally beginning to gain mass appeal. VR/MR headsets offer a ton of new and personal information for attackers to steal, monetize, and weaponize. Among that information is the actual layout of your house or play space.
To track a user’s presence in a virtual environment, these headsets must track them in real space using a range of cameras and sensors. Some headsets have also added ‘passthrough’ and mixed reality features, which allow users to walk around their entire house, thereby creating a 3D map.
In 2024, we predict either a researcher or malicious hacker will find a technique to gather some of the sensor data from VR/MR headsets to recreate the environment users are playing in.
This diverse range of security challenges will make the coming year an interesting one for individuals, businesses, and security professionals alike. Being aware of the threats is the first step towards having measures in place to thwart them.