A global leader in AI for cybersecurity has released predictions for 2024 IT trends.
Max Heinemeyer, Chief Product Officer, expects in particular an increasing use of AI in attacks, greater bypassing of multi-factor authentication (MFA), more successful actions by Europol and a consolidation of security platforms.
Cybercriminals develop first AI worm
In 2023, hackers have been testing AI-based malware such as WormGPT and FraudGPT, as well as incorporating other AI solutions into their attack methods. In 2024, APTs, state-sponsored attackers, and professional ransomware gangs will use AI in novel ways. The consequences are even faster and more scalable, personalized and contextualized attacks with a shorter dwell time. In addition, attackers are likely to combine traditional worm ransomware – such as WannaCry or notPetya – with advanced, AI-driven automation for the first time. This creates an aggressive autonomous malware agent with sophisticated, context-based decision-making processes.
MFA is increasingly being circumvented
Since multi-factor authentication is now widespread, attackers have adapted to it and now have ways to circumvent it. These include simply sending countless MFA push messages until the annoyed victim clicks “Accept”, or a complex SIM swap. The trend towards MFA bypassing will increase in 2024. Therefore, organizations must move from viewing MFA as a panacea to protect credentials to detecting unusual activity during and after authentication. This requires a deep and detailed understanding of what is “normal” for a particular identity – such as location, timing, and resources for access. Given dynamic work processes, this is often only possible with the use of AI or ML for pattern recognition.
Europol is taking stronger action against criminal gangs
Europol and national law enforcement authorities will jointly further improve their actions to combat cybercrime. Most recently, they have worked with companies to take successful action against ransomware gangs and other cybercriminals. This trend continues as law enforcement agencies expand their technical capabilities and collaborate across borders. An accompanying trend is strengthening nationwide cyber resilience, for example by financing young talent and training or the mandatory introduction of certain defensive measures.
Further consolidation and platform solutions
2024 will be the year of consolidation and platforms for CISOs. In order to “do more with less,” providers with comprehensive, efficient and demonstrably secure platforms have an advantage. The cybersecurity industry is notoriously fragmented. Many providers have niche offerings for very specific use cases. This often causes CISOs difficulty in managing their provider landscape and finding the optimal level of overlap in the security solutions used. Given the recent crises, they want to consolidate not only their security tools but also the number of vendors they use to increase cost efficiency and reduce management complexity.
Regulations make it difficult to introduce AI
In Europe, expected AI regulations and data protection requirements will complicate the adoption of AI across all industries. This applies in particular to tools that require the storage and use of customer data for model training. Increasing concerns about data protection, coupled with stricter standards for AI development, are preventing many European companies from developing AI in-house or using third-party AI systems.
More at Darktrace.com
About Darktrace Darktrace, a global leader in artificial intelligence for cybersecurity, protects businesses and organizations with AI technology from cyberattacks. Darktrace's technology registers atypical traffic patterns that indicate possible threats. In doing so, it recognizes novel and previously unknown attack methods that are overlooked by other security systems.