A November report from Google Cloud particulars attainable nation-state malware ways in 2024 and new angles of cyberattacks.
What’s going to cybersecurity seem like in 2024? Google Cloud’s international Cybersecurity Forecast discovered that generative AI might help attackers and defenders and urged safety personnel to look out for nation-state backed assaults and extra.
Contributors to the report included a number of of Google Cloud’s safety leaders and safety consultants from Mandiant Intelligence, Mandiant Consulting, Chronicle Safety Operations, Google Cloud’s Workplace of the CISO and VirusTotal.
Bounce to:
How generative AI might impression cybersecurity in 2024
Menace actors will use generative AI and huge language fashions in phishing and different social engineering scams, Google Cloud predicted. As a result of generative AI can create natural-sounding content material, workers might wrestle to establish rip-off emails by way of poor grammar or spam calls by way of robotic-sounding voices. Attackers might use generative AI to create pretend information or pretend content material, Google Cloudwarned.
LLMs and generative AI “shall be more and more supplied in underground boards as a paid service, and used for varied functions reminiscent of phishing campaigns and spreading disinformation,” Google Cloud wrote.
However, defenders can use generative AI in menace intelligence and information evaluation. Generative AI might enable defenders to take motion at better speeds and scales, even when digesting very massive quantities of knowledge.
“AI is already offering an amazing benefit for our cyber defenders, enabling them to enhance capabilities, cut back toil and higher shield in opposition to threats,” stated Phil Venables, chief data safety officer at Google Cloud, in an e-mail to TechRepublic.
Nation-states might use spear phishing or wiper malware
The report famous nation-state actors might launch cyberattacks in opposition to the U.S. authorities because the 2024 U.S. presidential election approaches. Spear phishing specifically could also be used to focus on electoral programs, candidates or voters.
Hacktivism, or politically motivated menace actors not related to a selected nation-state, is having a resurgence, Google Cloud stated.
Wiper malware, which is designed to erase the reminiscence of a pc, might develop into extra frequent. It has been seen deployed by Russian menace actor teams attacking Ukraine, Google Cloud stated. The struggle in Ukraine has proven state-sponsored attackers may assault space-based applied sciences to disrupt adversaries or conduct espionage.
Espionage teams in 2024 might create “sleeper botnets,” that are botnets positioned on Web of Issues, workplace or end-of-life gadgets to quickly scale assaults. The short-term nature of those botnets might make them significantly troublesome to trace.
Older kinds of cyberattacks are nonetheless threats
A number of the developments Google Cloud highlighted present that well-known kinds of cyberattacks ought to nonetheless be on safety groups’ radar.
Zero-day vulnerabilities might proceed to extend. Nation-state attackers and menace actor teams might embrace zero-days as a result of these vulnerabilities give attackers endured entry to an setting. Phishing emails and malware at the moment are comparatively simple for safety groups and automatic options to detect, however zero-day vulnerabilities stay comparatively efficient, the report said.
Extortion, one other well-known cyberattack method, stagnated in 2022 however will be anticipated to develop once more in 2024. Menace actors are promoting for stolen information and reporting income from extortion that signifies progress.
SEE: The malware SecuriDropper can get round Android 13’s restricted settings to obtain illegitimate apps (TechRepublic)
Some older menace strategies have gotten widespread sufficient to get on the radar of Google Cloud. For instance, an anti-virtual machine method from 2012 has been seen once more just lately. And, an assault first documented in 2013 that makes use of undocumented SystemFunctionXXX features as an alternative of cryptography features in a documented Home windows API has develop into widespread once more.
Different cybersecurity developments and predictions in cloud, cellular and SecOps
Google Cloud VP & GM Sunil Potti stated in an e-mail to TechRepublic, “Proper now, we see organizations operating their information in a mixture of multicloud, on-premises and hybrid environments – and whereas it’s unrealistic to count on these organizations to host their property solely in a single place, it does make unified, complete safety operations and general threat administration significantly difficult.”
In hybrid and multicloud environments, enterprises might must look out for misconfigurations and identification points that enable menace actors to maneuver laterally throughout completely different cloud environments, Google Cloud stated.
Many menace actors, together with nation-state menace actors, might use serverless companies in 2024. Serverless companies present them better scalability, flexibility and automation.
Google Cloud has seen a rising curiosity amongst attackers in provide chain assaults hosted on package deal managers reminiscent of NPM (Node.js), PyPI (Python) and crates.io (Rust). Such a cyberattack is more likely to enhance as a result of it prices little to deploy and might have a serious impression.
Cell cybercrime is more likely to develop in 2024 as scammers use novel and confirmed social engineering ways to realize entry to targets’ telephones, the report stated.
Lastly, Google Cloud predicted SecOps will develop into more and more consolidated in 2024. This roadmap can be utilized to drive cybersecurity methods and buying when attempting to get forward of no matter might are available in 2024.
