Top 10 Cybersecurity Predictions for 2024 (Part 1)

(You can access the Turkish version of article from this link: https://shorturl.at/dPQW2)

As we enter the uncertain, unresolved and conflict-ridden calendar year 2024, I have compiled a summary of the most significant and notable reports on cybersecurity predictions. Before the start of each new year, global experts often examine trends and areas of international focus for the upcoming year and beyond. For 2024, the top topics range from impending elections, regional tensions, and wars to space exploration. Additionally, threats and tools marked by the rise of generative artificial intelligence (AI) in both offensive and defensive capacities are highlighted.

In New Year’s predictions, a variety of topics are emphasized. To gain a comprehensive view, it is crucial to examine in-depth research, reports, and trend analyses conducted by numerous companies. This summary, to be published in two parts, aims to alleviate the burden for security managers, particularly those in decision-making positions. Let’s begin.

1 -Checkpoint’s Cybersecurity Predictions for 2024

CheckPoint’s Immersive 2024 Predictions are broadly divided into 7 categories, highlighting Artificial Intelligence, Hacktivism and Weaponized Deepfakes Storms.

1. Artificial Intelligence and Machine Learning: In 2024, the increased adoption of AI by threat actors is expected to enhance and expand every aspect of their toolkits. Predictions include the rapid development of new malware and ransomware strains at lower costs and the use of deepfake technologies to elevate phishing and impersonation attacks.
2. Hackers Targeting Cloud to Access AI Resources — GPU Farming: Cloud-based AI resources will be seen as lucrative targets by hackers. They will likely focus on creating GPU farms in the cloud to support their AI-related activities.
3. Supply Chain and Critical Infrastructure Attacks: The supply chain continues to be a vulnerable point. The frequency of incidents involving the supply chain remains a concern for organizations with far-reaching impacts. This trend is expected to persist into the next year unless organizations conduct more thorough assessments of their third-party suppliers.
4. Cyber Insurance: With rising cyber insurance costs and talent shortages, organizations are predicted to move from reactive to proactive defensive security strategies. By implementing preventative measures against cyber attacks, organizations may see reduced insurance premiums.
5. Nation-State Attacks and Hacktivism: Geopolitical instability is expected to continue, and hacktivism is anticipated to account for a larger proportion of cyberattacks, particularly DDoS attacks. The main objective will be disruption.
6. Weaponization of Deepfake Technology: Threat actors are likely to increasingly use deepfake technology in social engineering attacks to gain unauthorized access and obtain sensitive data.
7. Persistence of Phishing Attacks: AI-enhanced phishing tactics may become more personalized and sophisticated, making it harder for individuals to detect malicious intent. This could lead to an increase in phishing-related breaches.

The report also titled “Ransomware: Hidden Exploits, Advanced Extortion, and AI Battlegrounds” predicts an increase in the use of artificial intelligence(AI) in ransomware attacks. Organizations will need to develop comprehensive incident response and recovery plans to mitigate potential impacts. As attacks become more sophisticated, improving security strategies is crucial for organizations to stay ahead.

2- Google Cloud’s Key Insights for 2024

Google Cloud begins its report with insights into the use of AI, generative AI, and Large Language Models (LLMs) in both offense and defense. It predicts a rapid proliferation of tools powered by AI service models among cyber attackers.

On the cyber defenders’ side, AI technologies will be utilized to strengthen the detection, response, and attribution of adversaries at scale. These technologies will also speed up analysis and other time-consuming tasks, such as reverse engineering. The report includes a separate discussion on the “Big Four” states — China, Russia, North Korea, and Iran — which appear to be at the forefront of cyber warfare.

The global and regional forecasts are then published under the following headings:

1. Continuous Use of Zero-Day Vulnerabilities and Edge Devices: In 2024, an increase in zero-day exploit use is expected by both nation-state attackers and cybercrime groups.
2. Cyber Activity Targeting the US Elections: As the United States enters a presidential election year, various cyber activities by nation-states and other threat actors are anticipated. These activities include espionage, influence operations targeting election systems, impersonation of candidates on social media, and information operations aimed at voters.
3. The Rise of Disruptive Hacktivism: Reflecting the trends seen in the Russia-Ukraine conflict and recent clashes between Hamas and Israel, hacktivist activity, including DDoS attacks, data leaks, and website defacements, is expected.
4. Wipers as a Standard Capability in Nation-State Cyber Arsenals: Amidst tensions in the Taiwan Strait and other global security threats, the pre-positioning of destructive malware on strategically important targets is likely to increase.
5. Targeting of Space-Based Infrastructure: Full-scale Computer Network Exploitation capabilities by advanced state-sponsored cyber actors are expected to emerge, compromising space-based systems.
6. Attacks on Hybrid and Multi-Cloud Environments: In 2024, threat actors are predicted to evolve their techniques to exploit vulnerabilities across cloud environments, focusing on misconfigurations and identity issues.
7. Increased Use of Serverless Services by Threat Actors: Cybercriminals and nation-state operators are expected to increasingly utilize serverless technologies in the cloud.
8. Continuation of Extortion Operations: Extortion operations are likely to remain a significant form of cybercrime, impacting businesses and societies globally.
9. Espionage and Sleeper Botnets: Cyber espionage operations will scale their attacks while improving their operational security (OPSEC).
10. Revival of Ancient Techniques: Some attackers are expected to revive older, less frequently addressed techniques to avoid detection.
11. Continued Migration to Modern Programming Languages by Malware Authors: The trend of developing malware in modern programming languages like Go, Rust, and Swift is predicted to continue.
12. Supply Chain Attacks Targeting Developers Through Software Package Managers: The prevalence of supply chain attacks is likely to increase, especially targeting less monitored package managers like PyPI (Python) and Crates.io (Rust).
13. Rise in Mobile Cybercrime: Cybercriminals are expected to use new social engineering tactics, such as fake messages from domestic help services, social media accounts, banks, or government officials, and deceptive pop-up alerts to trick victims into installing malicious apps.
14. Stabilization of Cyber Insurance Premiums: With more entities entering the cyber insurance market and increasing competition, a stabilization in rising premiums is expected.
15. Consolidation Around SecOps: Further consolidation in Security Operations (SecOps) is anticipated in 2024, as customers increasingly demand integrated risk and threat intelligence in their security solutions.

3- Fortinet Cyber Threat Predictions 2024

Fortinet’s report predicts that advanced persistent cybercrime will become more sophisticated and targeted, with an increase in intense turf wars between cybercriminal groups. The use of artificial intelligence to support attacks is also highlighted. Long-standing trends in the threat landscape are expected to evolve after 2024, with several significant developments:

1. A New Era of Advanced Persistent Cybercrime: As cyber criminals and Advanced Persistent Threat (APT) groups increasingly collaborate (with a growing presence on the dark web), it’s evident that our prediction of a new era of advanced persistent cybercrime has come true.
2. Intensifying Cybercrime Turf Wars: Observations include multiple cybercrime groups trying to infiltrate the same target within a short period of time, sometimes within a few hours, and trying to deploy ransomware strains in less than 24 hours.
3. Money Laundering Services Drying Up: Contrary to previous predictions, cybercriminals using Laundering as a Service to clean ill-gotten funds are facing challenges.
4. Capturing AI Chains to Support Attack Phases: The weaponization of AI is intensifying the threat landscape, enabling attackers to enhance each attack phase more efficiently and swiftly.
5. Next-Level Playbooks: Cybercriminals are expected to become more aggressive, expanding their target lists and playbooks.
6. A New and More Lucrative Day for Zero-Day: Zero-day attacks show no sign of slowing down. The rise of zero-day brokers — cybercrime groups that sell zero days on the dark web, often to multiple buyers — is predicted to be prominent in the Cybercrime as a Service (CaaS) community.
7. Inside the Game: With this shift, attackers are expected to continue advancing their tactics, reconnaissance, and weaponization. There’s also an anticipated trend of recruiting insiders within target organizations for initial access.
8. ‘We the People’ Attacks: In 2024, attackers are likely to exploit more customized and event-driven opportunities, such as the 2024 US elections and the Paris 2024 Games.
9. Narrowing the TTP Playing Field: Attackers will inevitably continue to expand their collection of Tactics, Techniques, and Procedures (TTPs) to compromise targets. Defenders can gain an advantage only by narrowing the playing field and disrupting these activities.
10. Partnerships are Crucial in Combating Cybercrime: Cybercrime affects everyone, with far-reaching consequences from breaches. Forming partnerships for easier information sharing is among the most effective actions in the industry.
11. Policy Changes on the Horizon: Strong partnerships are just one piece of the puzzle in combating cybercrime effectively. In 2024 and beyond, many policy changes are predicted, from mandating better cyber defenses in certain industries to more robust enforcement of incident reporting standards.

4- Kaspersky APTs predictions for 2024

Kaspersky’s report provides insights into the advanced persistent threat (APT) landscape for 2024. It predicts that existing APT techniques will continue to be employed alongside the emergence of new methods, including the increased use of artificial intelligence, hacktivism, and targeting of smart home technologies. The likelihood of new botnets and rootkits, as well as a rise in hacker-for-hire services and supply chain attacks offered as a service on cybercriminal underground forums, is also noted. To summarize under 8 headings:

1. Increased Use of Mobile Devices and Smart Home Technology: APT attackers may extend their surveillance to smart home devices, such as cameras and connected car systems.
2. Emergence of New Botnets: While botnets are more common in cybercriminal activities, Kaspersky anticipates increased APT utilization of them.
3. Deployment of More Kernel-Level Code: Despite Microsoft’s new security measures, numerous APT and cybercrime threat actors have been executing code in kernel mode on targeted systems. Recent examples include Netfilter and FiveSys rootkits, and POORTRY malware.
4. More Hacktivism Linked to APTs: Kaspersky observes that future conflicts are likely to involve hacktivist participation in various forms, such as Distributed Denial of Service (DDoS) attacks.
5. Supply Chain Attacks as a Service: Kaspersky suggests that supply chain attack trends may evolve, particularly through compromising open source software used by target organizations.
6. Growth in Hack-for-Hire Groups: Some APT groups are expected to exploit hacking-for-hire services, potentially selling these services to fund their cyber espionage activities.
7. Increased Use of AI for Targeted Phishing: Cybercriminals and APT threat actors are starting to use generative AI, with large language models designed for malicious purposes. Kaspersky anticipates new methods of AI utilization in automating cyber espionage.
8. Growing Targeting of MDT Systems: Exploiting vulnerabilities in Mobile Device Threat (MDT) systems is expected to become a more significant threat vector as cyber attackers refine their skills.

Finally, the report shares recommendations for protecting personal and corporate devices and systems against these APT threats and risks.

5)- Mcafee’s Predictions for 2024: AI, Elections, Deep Fraud, and the Olympics

McAfee’s 2024 predictions highlight the significant role of artificial intelligence(AI) in global events, including elections and the Olympics. The predictions are summarized in six key points:

1. Disruption in Election Cycles by AI Tools: The 2024 elections, including the United States presidential election, general elections in India, and European Union parliamentary elections, are predicted to see an increase in AI-generated photos, videos, or audio clones. For protection against disinformation, the following fact-checking groups are recommended:

• Politifact.com
• Snopes.com
• FactCheck.org
• Reuters.com/fact-check

2. AI Scams on Social Media: Cybercriminals are increasingly using artificial intelligence to manipulate social media platforms and shape public opinion in previously unimaginable ways.

3. Rise in Cyberbullying Among Kids: A disturbing trend for 2024 is the expected rise in cyberbullying, exacerbated by the increasing use of deepfake technology and the easy creation of realistic fake content. Prevention measures include Education and Awareness, Strong Policies and Regulations, and Support and Empowerment.

4. Charity Fraud Amidst Global Conflicts: With ongoing conflicts in Ukraine and the Middle East, frauds involving fundraising through fake charity websites are likely to increase. To avoid these, researching reputable charities is recommended.

5. Acceleration of Malware, Voice/Visual Cloning, and QR Code Scams: The creation and spread of persuasive phishing emails and QR code scams are predicted to become faster and more sophisticated, particularly with AI-powered spyware and ransomware threats. Using AI-powered software for protection is emphasized.

6. Olympic-Sized Scams: The 2024 Summer Olympics are expected to be a prime target for email-based phishing (phishing) and message-based smishing attacks. These messages are likely to appear across various channels, including email, text messages, and messaging platforms like WhatsApp and Telegram, and may infiltrate social media direct messages (DMs).