Connect with us

Hi, what are you looking for?

Tech & Science

Online crime risks are doubling: Are cybercriminal groups starting to merge?

Advances in AI since the 2020 election have created new opportunities for social engineering campaigns like SMS and phishing attacks.

Image: © AFP
Image: © AFP

How will the cybersecurity landscape develop during 2024? Will cybersecurity groups start to merge? Will hacker groups start to exploit the potential of AI? Andrew Costis, Chapter Lead of the Adversary Research Team, AttackIQ  sets out the likely developments with cybersecurity over the next 12 months.

Ransomware source code leaks will fuel a new wave of sophisticated ransomware attacks that target Fortune 500 companies

On the subject of the primary cyberattack mode – ransomware – Costis finds: “Ransomware has been on a tumultuous rollercoaster ride in 2023 following a brief respite in late 2022. In the new year, it is poised to run rampant as leaked ransomware source code becomes more common, breeding new strains and allowing for easy access to existing advanced strains. However, this leaked source code will also be a boon to threat researchers, allowing them to analyze strains to create the proper security controls to defend against them.”

Nation-state threat actors will put endpoint protection products to the test to discover and exploit detrimental zero-days

In terms of changing attack modes, Costis warns: “Organized crime groups and e-crime groups have access to the same commercial endpoint detection and response products that legitimate customers use. These threat actors’ full-time jobs are to test these products until they can find a zero-day to exploit. In 2024, nation-state threat actors will try their hand at discovering zero-days in EDR products that will increase ransomware attacks and extortion demands in the new year.”

Nation-states and hacktivists will exploit increasing geopolitical tensions to cause widespread disruption

Global events provide a useful smokescreen for criminals, as Costis identifies: “With wars raging in Israel, Syria and Ukraine, there will be an uptick in cyberattacks on the defense industrial base, government, hospitals and other high-profile targets. These will be perpetrated by a range of state and non-state actors. Russia and Iranian intelligence services will continue to conduct attacks on a variety of Western interests in retaliation for their support of their foes in these conflicts. Affiliated proxy groups and hacktivists will also conduct less sophisticated attacks of opportunity either in ideological or direct support for their state clients. Historically they have targeted a wide range of sectors from financial services to healthcare, using defacement, information leaks and denial of service.”

Cybercrime will be more streamlined and organized than ever, leading to a record monetary loss of over $18 billion in 2024

An important risk is with cybercriminals coming together to form super-teams: “In 2024, select cybercrime groups will merge operations into a streamlined, multifaceted criminal enterprise. From initial access brokers to ransomware- and malware-as-a-service, all of these different components will come together to form a mutual partnership. Working better together, these cybercrime groups will deliver unprecedented financial losses in 2024, shattering previous records.”

Advanced social engineering in the form of false propaganda on social media will tilt the 2024 election

Costis’ final prediction concerns the application of artificial intelligence. Here he forewarns: “Advances in AI since the 2020 election have created new opportunities for social engineering campaigns like SMS and phishing attacks, the spread of false propaganda and the use of deepfake technology. In 2024, we’ll see more advanced social engineering campaigns that leverage AI to create highly targeted content that mimics political parties and politicians to ultimately spread disinformation.”

Bots are also a threat, Costis adds: “Automated bots will also play a role as they’re leveraged to automatically respond to social media posts to sway political opinions. At a time when many people struggle to verify their sources and get their news from social media, AI-generated false propaganda will incite individuals to change their political opinions and interfere with the outcome of the election.”

Avatar photo
Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, business, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:

Business

You can call it good business or at least good personal finance arithmetic.

Life

Catherine, Princess of Wales, announced on Friday she will make her first public appearance in six months this weekend.

Business

A digital ID is an online representation of an individual, which contains personal information.

Business

There are many reasons why businesses have trouble retaining their employees that they might not be noticing.