SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
AI to customise cyber threats, predicts cybersecurity firm Gen
Fri, 8th Dec 2023

Artificial Intelligence (AI) is anticipated to both escalate and personalise cybersecurity threats, as revealed by global cybersecurity solutions provider, Gen. These predictions for 2024 reflect a growing incorporation of AI into cybercrime schemes, providing cybercriminals increased sophistication in conducting targeted and personalised attacks.

Gen's top cyber threat predictions for 2024 emphasise the importance of consumers recognising and protecting their digital presence from highly individualised threats. Such threats can range from cybercriminals using deepfakes to mimic relatives or colleagues' voices and appearances, to seemingly trustworthy spyware apps delivered via realistic ads or direct messages. In contrast with the past, cybersecurity is increasingly becoming an indispensable part of daily life and not just pertinent to businesses or tech-savvy individuals.

Michal Pechoucek, Chief Technology Officer at Gen, stated that "In 2024, cybersecurity will become even more engraved in the average person's daily life. Our team of experts foresees AI playing a huge role in how threats will be created that allow criminals to produce more sophisticated and believable scams." This includes a colossal advancement in AI that could fuel an upsurge in cybercrime. Text generation, text-to-video, and other multimedia creation tools will grant cybercriminals enhanced capabilities, rendering it even more challenging to distinguish a genuine recorded video from a fabricated one.

Furthermore, Gen anticipates social engineering to become a primary tool for threat actors aiming to manipulate people's emotions and vulnerabilities. This manipulation could manifest through AI-generated content on social media promoting fake news, deceptive advertisements, or even deepfakes of public figures. The influence of social engineering will further be amplified in the corporate arena with the evolution of Business Communication Compromise (BCC) attacks.

Digital blackmail in individuals and businesses is projected to become more targeted. Cybercriminals could potentially obtain data to hold for ransom from the dark web or through exploiting VPN infrastructure. An alarming rise is anticipated in attacks on cloud infrastructure, which may result in serious challenges for cloud-based organisational structures.

Despite advancements in financial technology, mobile apps are also expected to increasingly engage in spying and extortion. Gen predicts a surge in the creation and distribution of deceptive chat applications that target mobile devices. These applications ostensibly conceal crypto-stealing or spyware modules within their seemingly innocent interfaces.

Last but not least, the evolving landscape of cryptocurrency will likely breed new opportunities for cybercriminals. With hardly any opportunity to reverse fraud and flag scams, cybercriminals can easily target crypto owners through a number of avenues, including breaching cryptocurrency exchanges or exploiting smart contracts.

To protect against these escalating threats, Gen recommends scepticism towards potential scam texts, emails or social media messages. The use of unique passwords and multi-factor authentication can substantially bolster cyber defences. Comprehensive privacy, security and identity protection can also add an additional layer of safety. Moreover, they emphasise not to overlook mobile devices and to make sure an updated mobile security is installed to mitigate cyber risks.