In the last year, credential interception attacks, such as those exploiting the Citrix NetScaler vulnerability, have resulted in cybercriminal groups having millions of potential logins. In 2024, the number of cyberattacks using stolen or fake digital identities will continue to rise.
This circumstance is likely to cause massive problems again in many German companies in 2024. Cybercriminals rely on companies using a wide variety of cloud infrastructures and solutions and thereby losing track of their access and access authorizations. To protect themselves from a flood of cloud-based user account takeovers, organizations must increase the visibility and resilience of their cloud environments. You need to detect stolen or fake identity attacks before they become a security incident.
NIS2 sets new security standards
On December 14, 2022, the EU Parliament and EU Council adopted Directive 2022/2555, also known as NIS2. In the coming months, the European national legislators will transpose the EU directive into national law and provide specifications and details. Estimates currently assume that around 30.000 German companies will be affected - of which only around 40 percent currently have NIS2-compliant insurance. Cloud infrastructures are also affected by the new requirements.
Optimizing phishing attacks with AI
After the initial wave of hype last year, many companies tested the use of Large Language Models (LLMs). But if you take a closer look at this trend, it becomes clear that the initial curiosity will soon fizzle out. LLMs are generally difficult to use because they are not (yet) able to recognize context or provide reliable results. So widespread use of LLMs will decline in 2024 and companies will limit their use until the technology is more mature and easier to use. Cyber criminals face similar problems. It is therefore unlikely that AI will be used on a large scale to generate malicious code in 2024. It is more likely that cybercriminals will continue to use generative AI to generate photo, audio and video deep fakes.
False positive attack reports flood alerts
Combined with the use of AI-supported attacks on user account data, it can be assumed that hybrid attack techniques will also continue to gain in popularity. These can be recognized by modern IT security tools, but they must also be equipped with the appropriate rules. More attack techniques mean more security rules - and therefore more warning messages that have to be processed daily. Management will quickly push IT security teams to their limits. IT decision-makers are therefore well advised to look for an effective, AI-supported attack signal intelligence solution that allows security employees to focus on what is important – protecting business operations.
More at Vectra.ai
About Vectra Vectra is a leading provider of threat detection and response for hybrid and multi-cloud enterprises. The Vectra platform uses AI to quickly detect threats in the public cloud, identity and SaaS applications, and data centers. Only Vectra optimizes AI to recognize attacker methods - the TTPs (Tactics, Techniques and Processes) that underlie all attacks - rather than simply alerting on "different".
Matching articles on the topic