Trellix 2024 Threat Predictions>
IT Voice – Sherwin Shaju
In the cybersecurity landscape of the past year, the urgency for effective global threat intelligence has heightened amidst a complex geopolitical and economic climate.
Cyber threat actors continue to evolve, creating new risks through sophisticated tactics and partnerships within underground networks.
No individual or organization is immune, with ransomware persistently troubling organizations worldwide.
Trellix Advanced Research Center’s predictions for 2024 include:
1) **Malicious Use of AI**: The prevalence of powerful Large Language Models (LLMs) like GPT-4 is expected to empower cybercriminals, enabling more sophisticated and large-scale phishing campaigns.
Furthermore, this technology may spark a resurgence of “Script Kiddies”—inexperienced individuals who use AI tools for cyberattacks.
2) **Rise in AI Voice Scams**: There’s an anticipated increase in AI-generated voice scams that exploit social engineering techniques, becoming more convincing due to advancements in AI and challenging to detect.
3) **Supply Chain Attacks**: Managed File Transfer (MFT) solutions are predicted to become more frequent targets for ransomware attacks due to the valuable information they hold.
4) **New Programming Languages in Malware Development**: The use of newer languages like Golang and Rust for developing malware might result in a spike in such threats due to the languages’ capabilities and current lack of comprehensive analysis tools.
5) **Innovations in Ransomware Extortion**: Ransomware groups may employ new pressure tactics, including directly targeting the clients of breached organizations.
6) **Election Security**: The necessity to protect individuals involved in elections against phishing schemes is underscored as a priority for maintaining election integrity.
7) **Insider Threats**: A silent surge in insider threats is expected to challenge organizations, necessitating comprehensive strategies to identify and manage these risks.
8) **QR Code Threats**: The potential for QR code-based phishing campaigns is set to grow, exploiting the inherent trust users place in this technology.
9) **Attacks on Edge Devices**: The concerning focus on edge devices by threat actors, where traditional defense measures are less effective, is likely to increase.
10) **Python in Excel as Attack Vector**: With Microsoft blocking internet Macros in Excel, Python’s integration may become a new vector for cyberattacks.
11) **Use of Vulnerable Drivers (LOL Drivers)**: Attacks capitalizing on legitimate but vulnerable drivers for kernel-level privileges are expected to become more prominent.
These predictions emphasize the need for organizations to adopt vigilance and adaptable cyber strategies to maintain a crucial step ahead of cybercriminals.
Link: https://www.itvoice.in/trellix-2024-threat-predictions