2023 has been an eventful year for the cybersecurity industry, and 2024 promises to be even more exciting. AI had a major impact this year on virtually every sector (including cybersecurity) as it entered the mainstream, but this also brought a wave of new types of AI threats and attacks, a trend that will continue into 2024. We also saw attacks like the MGM breach, which underscored the dangers of complacency regarding cybersecurity controls. One of the major challenges in cybersecurity is staying on top of all these novel events and concepts without losing sight of the existing security posture. To help you identify which areas to prioritize, this article provides an overview of the key trends that will be important to consider in 2024. To remain successful, every cybersecurity professional should know these and prepare for them.
Generative AI Risks
ChatGPT’s meteoric rise in 2022 was unprecedented, and it continued its dominance in 2023. While other competitors have also jumped onto the generative artificial intelligence (GenAI) bandwagon with their own solutions, ChatGPT continues to be the market leader. But despite offering productivity boosts, GenAI tools have also introduced new types of risks. As these tools become increasingly integrated with business applications and data, we expect unique attacks targeting them to become more mainstream in 2024.
Some of the key risks introduced with GenAI are:
- Prompt Injections: Attackers can “trick” the GenAI model into revealing sensitive information or carrying out instructions it is not designed for. These attacks bypass the content filters present in the model. Like a social engineering attack against a human, they fool the AI into carrying out unauthorized activities.
- Hallucinations: The GenAI model can deliver incorrect information, which can cause serious problems if the output is used for making sensitive decisions. This problem is especially dangerous given that most users blindly accept the responses generated by GenAI without verification.
- Privacy Issues: The amount of data stored within these tools can be a goldmine for attackers to try and compromise. Despite regulations in the pipeline, user awareness of how their prompts are used to train these models remains low.
- Malicious GenAI models: Tools like WormGPT have been released to demonstrate how GenAI abilities can be weaponized and used to generate malicious attacks. This will significantly reduce the learning curve for bad actors to launch new cyberattacks.
Industry initiatives like the OWASP Top 10 for Large Language Model (LLMs) are a welcome step forward to educate cybersecurity professionals and developers on the risks present within these models and how to mitigate them.
The Rise of Autonomous AI
ChatGPT and similar tools are Large Language Models (LLMs) that work by responding to prompts from the user. These tools have remained mostly passive and unable to actually act on the information they receive—but that is set to change with the emergence of Autonomous AI.
Tools like AutoGTP and AgentGPT can take the power of LLMs one step further by acting based on prompts they receive. These “AI agents” require only a high-level definition of a task, then they can divide this task into subtasks and get started. These tasks can come in many forms, such as booking a ticket, creating a file, downloading information, etc. While these tools are in their infancy, their potential for legitimate and illegitimate activities is massive. Expect them to increase in popularity once their capabilities are more refined and enterprise versions of these solutions are released.
AI-based Solutions and Attacks
AI’s transformative potential and its superior threat detection abilities will remain essential for cyberdefense in 2024. It is highly likely that many more solutions will begin integrating AI capabilities to keep up with the massive industry shift.
While this can be beneficial, these new kinds of applications will inevitably be targeted by new kinds of attacks. Cybercriminals are learning how to maliciously manipulate the machine learning models that power these AI applications for their misuse. Attacks like inference and data poisoning can alter the behavior of AI applications, leading them to make wrong decisions that can have real-life impacts. For example, self-driving vehicles powered by machine learning are rapidly gaining popularity. Attackers can subvert their learning algorithms, causing them to misidentify objects and persons, leading to accidents. Cybersecurity professionals must incorporate AI-based security testing into their application processes to ensure that new applications are tested before going live.
Lastly, cybercriminals are learning to leverage the power of AI for their malicious purposes. In addition to tools like WormGPT, 2023 also saw a proof of concept of mutating malware powered by the ChatGPT model. This malware was able to evade some of the top industry-grade protection efforts and remain undetected due to its AI-powered capabilities. Expect AI-based malware and social engineering to become common as cybercriminals become more competent with using AI in their activities.
The Impact of Quantum Computing
We are rapidly getting closer and closer to the rise of quantum computing in the mainstream, which will be a game-changer for cryptographic security—both positively and negatively. Harnessing the power of quantum computing will allow encryption techniques that were previously impossible. Unfortunately, they also will make current encryption controls obsolete, as the power offered by this computing model allows bad actors to easily break current encryption standards.
Cybersecurity professionals will need to upskill in 2024 and understand the implications of quantum-safe computing resistant to such attacks. Migrating existing encryption controls to quantum-secure ones will require massive effort and investment. Implementing quantum encryption while maintaining backward compatibility with legacy infrastructure is no easy feat, but it will become a necessity as quantum-powered attacks increase.
Increased Adoption of Zero Trust
Zero Trust has been on the rise for the past couple of years as organizations realize its flexibility and security benefits. The core principle of Zero Trust is “Never Trust. Always Verify”, which is supported by other complementary principles that work together to create a new way of securing networks without relying on perimeter controls.
However, adopting Zero Trust has not been easy, given the difficulties in modifying existing security controls and working around legacy infrastructure. We expect security vendors and companies to recognize this and implement native Zero Trust principles and capabilities in their solutions. This will make the adoption process easier for organizations and accelerate the move toward improved security. We also expect more organizations to start designing their networks with Zero Trust in mind from the beginning.
Cloud Security Risks
Cloud adoption will continue to increase in 2024, especially given the massive popularity of AI platforms; most companies do not want to invest in the storage and processing power required for running such applications, and the cloud provides a solution. According to Gartner, over 85% of organizations will embrace a cloud-first model by 2025 and be unable to fully execute their digital strategies without using cloud-native technologies. Additionally, organizations will continue to move towards hybrid or multi-cloud environments to give them more options and flexibility for their workloads.
These technology trends mean that cloud security will remain a major concern going into 2024. Securing cloud environments requires a deep understanding of cloud architectures and platforms to be executed correctly. Some of the critical areas of focus for CISOs are:
- Upskilling of teams: The cloud security skill gap is a significant concern, and CISOs should ensure that the relevant skills are developed within teams going into 2024. Understanding cloud-native security tools is essential for securing these platforms against attacks.
- Misconfigurations: Most cloud breaches occur not due to malware or cyberattacks but due to cloud misconfigurations that expose services over the internet. Attackers then exploit these to breach the cloud environment. Implementing cloud-aware tooling that can react in real-time is essential to fix misconfigurations when they occur.
- Lack of Visibility: As multi-cloud and hybrid environments rise in popularity, visibility over the cloud security posture will continue to be challenging for CISOs. Organizations are increasingly splitting their workloads between on-prem and cloud or between cloud providers, increasing the attack surface. This trend will continue going into 2024, making cloud-aware tooling necessary. CISOs should invest in solutions that provide visibility across the cloud real estate and provide real-time responses to cloud vulnerabilities.
Supply Chain Cybersecurity Risks
Supply chains have continued to be a significant cybersecurity risk in 2023, and this trend shows no sign of stopping in 2024. Attackers recognize the damage and increased “blast radius” of such attacks, allowing them to compromise multiple victims at the same time. The software supply chain continues to be a blind spot for many companies, with attackers able to exploit vulnerabilities in the hundreds to thousands of dependencies that are present.
We saw this come into effect with the MOVEit compromise, in which attackers compromised the popular managed file transfer application. With thousands of organizations using this tool, the attackers were able to gain access to high-profile victims like the BBC, British Airways, Boots etc. The compromise was severe enough for the attackers to access sensitive information, databases, and administrative access within the victim’s environments. The impact of this breach is still being felt, with attackers still actively exploiting it.
Vendor risk management will continue to be essential in 2024 as a way to allow organizations to assess their level of exposure against these supply chain attacks. By understanding the supply chain and where critical dependencies are present, organizations can set up appropriate defenses before they are targeted.
The Rise of IoT Attacks
The rise of IoT devices will continue to pose a severe challenge for cybersecurity professionals in 2024. IoT devices provide unique automation, user experience opportunities, and a massive attack surface that cybercriminals are happy to exploit. Their lightweight nature means they are optimized for performance and can be challenging to secure, given their limited processing and storage capabilities. Vulnerabilities in one device can be enough to allow the attacker to compromise and hijack hundreds to thousands of IoT devices in a massive compromise. Cybersecurity teams will need to understand the challenges of securing IoT devices and work with their vendors to improve the overall security posture before they are targeted.
The Way Forward into 2024
With new challenges and solutions on the horizon, 2024 promises to be another interesting year for cybersecurity. Transformative technologies like AI and quantum computing will bring about massive security improvements while also introducing unique types of risk. Adopting architectures like Zero Trust will allow organizations to future-proof their cybersecurity frameworks against attacks, while the cloud continues to bring challenges alongside its usefulness. By remaining aware of these new innovations and trends, and striking the proper balance between investing in skills and technology, organizations will be able to meet the challenges of 2024 head-on.
Thank you for trusting us to help with your cybersecurity needs. Contact us any time – we’re always happy to help.
Adam
