Google forecast report predicts the cybersecurity landscape in 2024 to be increasingly complex, with generative AI playing a significant role in both attacks and defences
As technology advances, so do the methods used by cyber attackers. The emerging use of generative AI and large language models (LLMs) in cyberattacks poses new challenges for cybersecurity. The Google Cybersecurity Forecast 2024 has predicted that cybersecurity landscape will face significant risks introduced by generative AI and the defensive strategies to mitigate them.
Improved, professionalized, and scaled phishing
Generative AI and large language models (LLMs) will be utilized in phishing, SMS, and other social engineering operations to make the content and material (including voice and video) appear more legitimate. Misspellings, grammar errors, and lack of cultural context will be harder to spot in phishing emails and messages. LLMs will be able to translate and clean up translations too, making it even harder for users to spot phishing based on the verbiage itself.
LLMs will allow an attacker to feed in legitimate content, and generate a modified version that looks, flows, and reads like the original, but suits the goals of the attacker. With gen AI, attackers will also be able to execute these campaigns at scale. If an attacker has access to names, organizations, job titles, departments, or even health data, they can now target a large set of people with very personal, tailored, convincing emails. A malicious LLM may not even be necessary to create these emails since there is nothing inherently malicious about, for example, using gen AI to draft an invoice reminder
Evolving Phishing Tactics
- Enhanced Legitimacy:Use of Generative AI: Attackers are increasingly using AI to craft convincing phishing materials. This includes emails, SMS, and social engineering content that are free of errors and culturally contextual, making them harder to detect.
- Personalized Attacks: Access to personal data allows attackers to send highly targeted and personalized emails, increasing the likelihood of successful phishing attempts.
- Increased Difficulty in Detection: The sophisticated nature of these AI-generated attacks makes traditional detection methods less effective.
- Wider Scale of Attacks: The scalability of AI enables attackers to target a larger pool of potential victims.
Information Operations: Deepfakes and Disinformation
- Fake Content Creation: AI can be used to generate fake news, deepfake images, and videos, eroding public trust in media.
- Scalability: These operations can be executed on a large scale, further amplifying their impact.
- Awareness and Verification: Increasing public awareness and developing verification tools for digital content are crucial in combating fake news and deepfakes.
State-Sponsored Cyber Threats
The Big Four
- China: Focuses on internal stability, territorial integrity, and regional influence. Uses stealthy cyber espionage and disruptive operations.
- Russia: Expected to focus on Ukraine, with cyber espionage and disruptive attacks.
- North Korea: Financially motivated operations targeting cryptocurrencies and NFTs to fund national programs.
- Iran: Geopolitical ambitions and regional rivalries drive cyber espionage and disruptive attacks.
- Global Collaboration: Sharing intelligence and collaborating on defence strategies are key to countering state-sponsored threats.
- Advanced Detection Systems: Implementing systems that can detect sophisticated attacks is essential.
Defence Mechanisms in Cybersecurity
Utilizing AI for Cyber Defence
- Enhanced Detection and Response: AI can be used to improve threat detection, response, and attribution.
- Data Synthesis: AI helps in synthesizing large amounts of data for actionable intelligence.
- Zero-Day Vulnerabilities: An increase in zero-day attacks is expected, necessitating advanced detection methods.
- Targeting Cloud Environments: As Cloud usage grows, so does the risk of targeted attacks on these environments.
The cybersecurity landscape in 2024 is expected to be increasingly complex, with generative AI playing a significant role in both attacks and defences. Staying ahead of these threats requires constant vigilance, advanced technologies, and global collaboration. As cyber threats evolve, so must our strategies to defend against them, ensuring a safer digital world for all.
The report forewarns that everyone should be prepared for global activity around the myriad major events being held throughout 2024, including the U.S., European Parliament and other elections, as well as the Summer Olympics in Paris. Additionally, as major global conflicts continue into next year, be prepared for an uptick in disruptive hacktivism. The cybersecurity landscape is constantly evolving, sometimes in new and unexpected ways. Defenders, often with limited resources, have the monumental task of keeping up.