A November report from Google Cloud details possible nation-state malware tactics in 2024 and new angles of cyberattacks.
What will cybersecurity look like in 2024? Google Cloud’s global Cybersecurity Forecast found that generative AI can help attackers and defenders and urged security personnel to look out for nation-state backed attacks and more.
Contributors to the report included several of Google Cloud’s security leaders and security experts from Mandiant Intelligence, Mandiant Consulting, Chronicle Security Operations, Google Cloud’s Office of the CISO and VirusTotal.
How generative AI might influence cybersecurity in 2024
Threat actors will use generative AI and large language models in phishing and other social engineering scams, Google Cloud predicted. Because generative AI can create natural-sounding content, employees may struggle to identify scam emails through poor grammar or spam calls through robotic-sounding voices. Attackers could use generative AI to create fake news or fake content, Google Cloud warned.
LLMs and generative AI “will likely be more and more provided in underground forums as a paid service, and used for numerous purposes such as phishing campaigns and spreading disinformation,” Google Cloud wrote.
On the other hand, defenders can use generative AI in threat intelligence and data analysis. Generative AI could allow defenders to take action at greater speeds and scales, even when digesting very large amounts of data.
“AI is already offering an incredible benefit for our cyber defenders, enabling them to enhance capabilities, scale back toil and better defend against threats,” said Phil Venables, chief information security officer at Google Cloud, in an email to TechRepublic.
Nation-states might use spear phishing or wiper malware
The report noted nation-state actors may launch cyberattacks against the U.S. government as the 2024 U.S. presidential election approaches. Spear phishing in particular may be used to target electoral systems, candidates or voters.
Hacktivism, or politically motivated threat actors not associated with a particular nation-state, is having a resurgence, Google Cloud said.
Wiper malware, which is designed to erase the memory of a computer, may become more common. It has been seen deployed by Russian threat actor groups attacking Ukraine, Google Cloud said. The war in Ukraine has shown state-sponsored attackers might attack space-based technologies to disrupt adversaries or conduct espionage.
Espionage groups in 2024 may create “sleeper botnets,” which are botnets placed on Internet of Things, office or end-of-life devices to temporarily scale attacks. The temporary nature of these botnets may make them particularly difficult to track.
Older types of cyberattacks are still threats
Some of the trends Google Cloud highlighted show that well-known types of cyberattacks should still be on security teams’ radar.
Zero-day vulnerabilities may continue to increase. Nation-state attackers and threat actor groups may embrace zero-days because these vulnerabilities give attackers persistent access to an environment. Phishing emails and malware are now relatively easy for security teams and automated solutions to detect, but zero-day vulnerabilities remain relatively effective, the report stated.
Extortion, another well-known cyberattack technique, stagnated in 2022 but can be expected to grow again in 2024. Threat actors are advertising for stolen data and reporting revenue from extortion that indicates growth.
Some older threat techniques are becoming popular enough to get on the radar of Google Cloud. For example, an anti-virtual machine technique from 2012 has been seen again recently. And an attack first documented in 2013 that uses undocumented SystemFunctionXXX functions instead of cryptography functions in a documented Windows API has become popular again.
Other cybersecurity trends and predictions in cloud, mobile and SecOps
Google Cloud VP & GM Sunil Potti said in an email to TechRepublic, “Right now, we see organizations running their data in a mix of multicloud, on-premises and hybrid environments – and while it’s unrealistic to expect these organizations to host their assets solely in a single place, it does make unified, comprehensive security operations and overall risk management particularly challenging.”
In hybrid and multicloud environments, enterprises may need to look out for misconfigurations and identity issues that allow threat actors to move laterally across different cloud environments, Google Cloud said.
Many threat actors, including nation-state threat actors, may use serverless services in 2024. Serverless services provide them greater scalability, flexibility and automation.
Google Cloud has seen a growing interest among attackers in supply chain attacks hosted on package managers such as NPM (Node.js), PyPI (Python) and crates.io (Rust). This type of cyberattack is likely to increase because it costs little to deploy and can have a major impact.
Mobile cybercrime is likely to grow in 2024 as scammers use novel and proven social engineering tactics to gain access to targets’ phones, the report said.
Finally, Google Cloud predicted SecOps will become increasingly consolidated in 2024. This roadmap can be used to drive cybersecurity strategies and purchasing when trying to get ahead of whatever may come in 2024.