Into the Cyber Abyss: Check Point Predicts a Storm of AI, Hacktivism and Weaponised Deepfakes>
Global Secrity Mag – Check Point
Criminal activities in the cyber realm have increased, with a notable 8% rise in global cyberattacks reported by Check Point Research in the second quarter of the year.
Ransomware and hacktivism continue to be significant threats, with criminal groups adapting their methods and using legacy technology like USB storage devices to spread malware.
One highlight of this year is the evolution of the ransomware landscape, with 48 ransomware groups compromising over 2,200 victims in the first half of 2023, including high-profile attacks like the one against MGM Resorts.
Looking ahead to 2024, Check Point predicts the following trends:
– Artificial Intelligence and Machine Learning (AI/ML): Threat actors will increasingly adopt AI to enhance their toolkit, creating new malware variants or using deepfake technology for advanced phishing attacks.
Cyber defenders will also leverage AI/ML to strengthen security and guard against advanced threats.
The impact of regulation on AI usage in offensive and defensive activities is expected to be seen.
– Supply chain and critical infrastructure attacks: The focus on cybersecurity for critical infrastructure will drive the adoption of “zero trust” models that require verification for anyone attempting to connect, both inside and outside the network.
Organizations will need to evaluate their third-party suppliers more strictly to address supply chain vulnerabilities and implement stronger security protocols.
– Cyber insurance: AI will transform how insurance companies assess cybersecurity resilience of prospective customers, offering opportunities to provide cybersecurity services directly.
To reduce premiums, organizations will shift towards a more proactive approach to security, demonstrating preventive action against cyberattacks.
– Nation-state attacks and hacktivism: Geo-political instability will continue into the next year, leading to increased hacktivist activities, particularly DDoS attacks, aimed at disturbance and disruption.
Hacktivism might blur the lines with commercial motives, using ransomware attacks to fund other activities.
– Weaponization of deepfake technology: Threat actors will continue to use deepfakes to create misleading content that can influence opinions or manipulate markets, highlighting the need for vigilance against deepfake social engineering attacks.
– Phishing attacks: Phishing campaigns will increasingly rely on credential theft rather than software exploits, making them harder to detect.
Advanced phishing tactics using AI will become more personalized and effective.
– Ransomware: Attackers will adopt “living off the land” techniques, leveraging legitimate system tools to execute stealthy attacks.
This approach will demand advanced threat prevention strategies like Managed Detection and Response (MDR).
Despite improved defenses, incidents of data loss or leakage may still occur, especially with the growing reliance on SaaS platforms.
The interpretation of ransomware attack statistics will require careful consideration, as reporting protocols may impact the true scale of the threat.
In this evolving threat landscape, organizations must prioritize their own security protocols, scrutinize the security practices of third-party suppliers, and invest in collaborative, comprehensive, and consolidated cybersecurity solutions.
A proactive and adaptable approach is essential to effectively defend against cyber threats.
Link: https://www.globalsecuritymag.com/Into-the-Cyber-Abyss-Check-Point-Predicts-a-Storm-of-AI-Hacktivism-and.html