As we approach 2024, renowned global cybersecurity firm Kaspersky focuses on evolving cybersecurity threats, especially the advanced persistent threats (APTs) that rank among the most dangerous.
According to Kaspersky's Global Research and Analysis Team (GReAT), APTs pose significant risks due to their complex tools, techniques, and highly targeted approach, making them hard to detect.
Given this, Kaspersky forecasts potential threats for 2024, including AI-powered impersonation, a surge of creative exploits for mobile, and the emergence of new botnets. Such advancements are anticipated to fuel politically motivated cyberattacks and cybercrime, posing a real danger to businesses and individuals worldwide.
The cybersecurity experts predict that APT actors will introduce new exploits targeting mobiles, wearables, and smart devices. The goal is to form botnets, further develop supply chain attack methods, and utilise AI technology for more effective spear-phishing, intensifying politically motivated attacks and cybercrime.
AI tools are expected to automate spear-phishing message production, enabling the mimicry of specific individuals. Attackers will likely create sophisticated automation methods by gathering online data, feeding it to language-learning models, and crafting phishing letters in the style of a person connected to the victim.
A significant year for mobile exploits, Operation Triangulation has the potential to stimulate further research into APTs attacking mobile, wearables, and smart devices. As 2024 draws near, threat actors may expand their surveillance efforts, targeting various consumer devices through vulnerabilities and silent exploit delivery methods, such as one-click attacks through messaging apps and intercepting network traffic.
Furthermore, the risk of large-scale, stealthy botnet attacks is heightened by the discovery and limited research into high and critical severity vulnerabilities in commonly used software and appliances, alongside delayed fixes. Concurrently, expectations are that rising geopolitical tensions may worsen state-sponsored cyberattacks featuring extensive data theft, destruction or encryption of IT infrastructure, long-term espionage, and cyber sabotage. Another rising trend, hacktivism, is becoming more common as part of geopolitical conflicts.
Other anticipated advanced threats for 2024 include 'supply chain attacks as a service', where operators bulk-buy access to smaller firms to breach larger ones, demonstrated by the notable Okta breaches in 2022-2023.
Increased hack-for-hire activities and bypassing of modern security measures like Kernel Mode Code Signing, PatchGuard, HVCI, and leveraging Bring Your Own Vulnerable Driver (BYOVD) in attack strategies are also expected to cause escalations of threats to Managed File Transfer (MFT) systems.
Igor Kuznetsov, Director of the Global Research and Analysis Team (GReAT), Kaspersky, explained, "In 2023, the surge in the availability of AI tools didn't escape the attention of advanced malicious actors involved in highly sophisticated campaigns."
"We anticipate that upcoming trends go beyond AI implications, including new methods for conducting supply chain attacks, the emergence of hack-for-hire services, novel exploits for consumer devices, and more."
"Our goal is to provide defenders with advanced threat intelligence that stays ahead of the latest threat developments, enhancing their capacity to fend off cyberattacks more effectively," said Kuznetsov.