Be prepared for developments from social engineering and AI-powered ransomware to edge security and healthcare API vulnerabilities.

It’s that time of the year again… As we approach 2024, organizations across the Asia Pacific may be apprehensive about the cyberthreats that loom ahead, yet optimistic about how we can overcome whatever cybersecurity hurdles we encounter.

Here are some predictions for 2024 from Akamai’s technology and security leaders that may help us prepare for what lies ahead.

Dr Robert Blumofe, Executive Vice President and Chief Technology Officer:

    • Social engineering will dominate the cyberthreat landscape
      In 2024, cybercriminals’ weapon of choice will be social engineering. Previously, a social engineering attack required a high degree of effort – extensive research on the victim and significant time to craft convincing fakes. All of this changes with modern AI.

      Modern AI can automate the research for social engineering attacks. Further, generative AI, with its extraordinary skill at mimicry, can create convincing deepfakes. The result is high-yield social engineering attacks perpetrated at scale.

      This trend, combined with stricter government regulations in the Asia Pacific to protect personal identifying information and prevent data leaks, will push companies to invest in zero-trust architecture, especially microsegmentation, to protect critical assets even when an employee accidentally falls victim to social engineering.

    • 2024 will be the year of AI security snake oil
      Cybercriminals have been quick to adopt generative AI tools to advance their goals. Organizations are, rightfully, racing to ensure assets are protected.

      The solution to this increase in cyberthreats won’t be generative AI-enhanced security. But that fact won’t stop startups from claiming that they have used genAI to create a security silver bullet.

      While AI, particularly deep learning, will always have a place in solving security challenges, organizations will be better served by avoiding the AI panic and ensuring any security solutions help them optimize the security basics – identity, visibility, zero trust access, and microsegmentation.

      Security basics done really well will continue to be the best way to protect assets from the threats we know and the ones we aren’t yet aware of.

Reuben Koh, Director of Security Technology and Strategy:

    • AI-powered ransomware will likely make an appearance in 2024
      Ransomware attacks are relentless and will affect unprepared organizations. Most of these malicious acts involve a series of tactics and techniques, known as the kill chain. Already, threat actors are leveraging AI for attacks through programs like FraudGPT and WormGPT.

      In 2024, it looks like a case of whether cybercriminals or businesses act in a more decisive manner as attackers increasingly use these tactics:

      1. Automate the arduous tasks of target prioritization and effortless circumvention of defenses, developing a new weapon in the ransomware arsenal
      2. Enhance ransomware encryption, making it more resistant against decryption and reverse engineering, thanks to optimized encryption algorithms
      3. Ransomware led by AI chatbots, which increases the scalability and efficiency of attacks on victims

Dean Houari, Director of Security Technology and Strategy:

    • Cybersecurity will finally become a strategic priority for companies and no longer be relegated as the sole responsibility of IT
      Cybersecurity is evolving from a reactive stance to a more offensive approach by design. As businesses move towards the widespread uptake of multi-cloud platforms and cloud-native applications, the API attack surface will expand and be more susceptible to exploitation.

      Edge computing might become a potential battleground, vulnerable to the onslaught of business logic attacks. Public sector agencies in particular are beginning to recognize the urgency of safeguarding Personally Identifiable Information (PII), and will increasingly adopt a zero-trust architecture to minimize data leaks.

      Organizations should also focus on securing the supply chain, to thwart attackers attempting to exploit trusted connections from third-party vendors and breach their perimeters. For example, as the healthcare industry expands its use of connected medical devices such as MRI machines, insulin pumps, and wearables, APIs will continue to play a critical role in the accessibility of medical services (e.g., telehealth and remote patient monitoring). This will lead to a host of vulnerabilities that attackers will exploit to obtain health records and patient data, which carry a high value on the dark web.

      Phishing tools, infused with the magic of generative AI, will create even more deepfakes more easily, and elevate social engineering attacks to unprecedented levels. Organizations must not only anticipate the evolving threats, but also regularly assess the organization’s overall security and risk posture to keep up with ever-changing cyber threats.