A November report from Google Cloud details possible nation-state malware tactics in 2024 and new angles of cyberattacks.
What will cybersecurity look like in 2024? Google Cloud’s global Cybersecurity Forecast found that generative AI may help both attackers and defenders and urged security personnel to look out for nation-state backed attacks and more.
Contributors to the report included several of Google Cloud’s security leaders and security experts from Mandiant Intelligence, Mandiant Consulting, Chronicle Security Operations, Google Cloud’s Office of the CISO and VirusTotal.
How generative AI could affect cybersecurity in 2024
Threat actors will use generative AI and large language models in phishing and other social engineering scams, Google Cloud predicted. Because generative AI can create natural-sounding content, employees may struggle to identify scam emails by their poor grammar or spam calls by their robotic-sounding voices. Attackers could use generative AI to create fake news or fake content, Google Cloud warned.
LLMs and generative AI “can be increasingly offered in underground forums as a paid service, and used for various purposes such as phishing campaigns and spreading disinformation,” Google Cloud wrote.
On the other hand, defenders can use generative AI in threat intelligence and data analysis. Generative AI could allow defenders to take action at greater speeds and scales, even when digesting very large amounts of data.
“AI is already offering an amazing benefit for our cyber defenders, enabling them to enhance capabilities, reduce toil and better defend against threats,” said Phil Venables, chief information security officer at Google Cloud, in an email to TechRepublic.
Nation-states could use spear phishing or wiper malware
The report noted nation-state actors may launch cyberattacks against the U.S. government as the 2024 U.S. presidential election approaches. Spear phishing in particular may be used to target electoral systems, candidates or voters.
Hacktivism, the work of politically motivated threat actors not associated with a particular nation-state, is having a resurgence, Google Cloud said.
Wiper malware, which is designed to erase the memory of a computer, may become more common. It has been seen deployed by Russian threat actor groups attacking Ukraine, Google Cloud said. The war in Ukraine has shown state-sponsored attackers might attack space-based technologies to disrupt adversaries or conduct espionage.
Espionage groups in 2024 may create “sleeper botnets,” which are botnets placed on Internet of Things, office or end-of-life devices to quickly scale attacks. The temporary nature of these botnets could make them particularly difficult to track.
Older types of cyberattacks are still threats
Some of the trends Google Cloud highlighted show that well-known types of cyberattacks should still be on security teams’ radar.
Zero-day vulnerabilities may continue to increase. Nation-state attackers and threat actor groups may embrace zero-days because these vulnerabilities give attackers persistent access to an environment. Phishing emails and malware are now relatively easy for security teams and automated solutions to detect, but zero-day vulnerabilities remain relatively effective, the report said.
Extortion, another well-known cyberattack technique, stagnated in 2022 but can be expected to grow again in 2024. Threat actors are advertising for stolen data and reporting revenue from extortion that indicates growth.
Some older threat techniques are becoming popular enough to get on the radar of Google Cloud. For example, an anti-virtual machine technique from 2012 has been seen again recently. And an attack first documented in 2013 that uses undocumented SystemFunctionXXX functions instead of cryptography functions in a documented Windows API has become popular again.
Other cybersecurity trends and predictions in cloud, mobile and SecOps
Google Cloud VP & GM Sunil Potti said in an email to TechRepublic, “Right now, we see organizations running their data in a mix of multicloud, on-premises and hybrid environments – and while it’s unrealistic to expect these organizations to host their assets solely in a single place, it does make unified, comprehensive security operations and overall risk management notably difficult.”
In hybrid and multicloud environments, enterprises may need to look out for misconfigurations and identity issues that allow threat actors to move laterally across different cloud environments, Google Cloud said.
Many threat actors, including nation-state threat actors, may use serverless services in 2024. Serverless services provide them greater scalability, flexibility and automation.
Google Cloud has seen a growing interest among attackers in supply chain attacks hosted on package managers such as NPM (Node.js), PyPI (Python) and crates.io (Rust). This type of cyberattack is likely to increase because it costs little to deploy and can have a major impact.
Mobile cybercrime is likely to grow in 2024 as scammers use novel and proven social engineering tactics to gain access to targets’ phones, the report said.
Finally, Google Cloud predicted SecOps will become increasingly consolidated in 2024. This roadmap can be used to drive cybersecurity strategies and purchasing when trying to get ahead of whatever may come in 2024.