Generative AI to open new cyberattack avenues: Google

Google Cloud unveils key insights for cybersecurity planning in 2024

Read more...
by

Somshankar Bandyopadhyay

Published: Wed 10 Jan 2024, 4:44 PM

Last updated: Wed 10 Jan 2024, 4:45 PM

In 2024, the rapidly evolving world of generative AI will provide attackers with new ways to conduct convincing phishing campaigns and information operations at scale, a new report showed.

According to Google Cloud’s Cybersecurity Forecast report for 2024, while new technologies will aid cybersecurity teams, they can also expand the attack surface. “However, defenders will use the same technologies to strengthen detection, response, and attribution of adversaries - and more broadly reduce toil, address threat overload, and close the widening skills gap,” the report said.

The report compiles forward-looking thoughts from security leaders and experts from different teams across Mandiant, Google Cloud and VirusTotal, who are on the frontlines of the latest and largest attacks.

Advertising
Advertising

Renze Jongman, strategic threat intelligence specialist, MEA at Google Cloud said: “While the rapid development of new technologies like AI will allow attackers to speed up and scale their criminal operations, it also offers unique ways for defenders to combat the threat. The GCC region has a growing number of young and talented cybersecurity graduates, keen to contribute to defending their countries and organisations against cyber attacks. They can now start to have an exponential impact and rapidly grow and expand their skill set by leveraging AI in their investigations and operations.”

The cybersecurity landscape is constantly evolving, sometimes in new and unexpected ways. Defenders, often with limited resources, have the monumental task of keeping up. Here are some of the key takeaways from the Google Cloud Cybersecurity Forecast 2024 to help prepare for the year ahead:

• AI for attack and defence: AI is set to revolutionise cybersecurity for both attackers and defenders. Attackers are expected to leverage generative AI and large language models to create more sophisticated phishing and social engineering tactics, as well as to add scale to information operations. Defenders will utilize AI to enhance threat detection, response and attribution capabilities, as well as speed up analysis and other time-consuming tasks like reverse engineering.

Renze Jongman, strategic threat intelligence specialist, MEA at Google Cloud. — Supplied photo

• Continued use of zero-day exploits: An increased reliance on zero-day vulnerabilities by attackers is anticipated by both nation-state and cybercriminal groups, aiming to evade detection and maintain prolonged access to compromised systems. Edge devices and virtualisation software are particularly attractive to threat actors because they are challenging to monitor. Cybercriminals know using a zero-day vulnerability will increase the number of victims and, based on recent mass extortion events, the number of organisations that may pay high ransomware or extortion demands.

• Growing prevalence of mobile cybercrime: Expect an increase in mobile cybercrime, with scammers using advanced and novel social engineering tactics like fake domestic help services, counterfeit social media, bank, or government communications, and deceptive pop-up alerts to trick victims into installing malicious apps on their mobile devices. Jongman added: “This type of social engineering has grown rapidly across the Middle East in recent years, and while governments and organizations are already taking measures to protect their customers, this threat is likely to grow both in volume and sophistication across the region.”

• Maturing of attacks targeting hybrid and multicloud environments: With organisations around the world moving to the cloud, threat actors will look to exploit misconfigurations and identity issues to move laterally across different cloud environments.

• Escalating espionage and “sleeper botnet” tactics: Espionage activities will evolve and find more ways to scale, including the use of “sleeper botnets” created from vulnerable IoT, and small/home office or end-of-life devices. These botnets can be used and discarded as needed, complicating attribution efforts.

• Resurgence of older attack techniques: There is an expected revival in using older, less common cyberattack techniques which aren’t widely understood. These methods, often overlooked in modern detection systems, could provide attackers with a stealthy means to breach defences.

Somshankar Bandyopadhyay

Published: Wed 10 Jan 2024, 4:44 PM

Last updated: Wed 10 Jan 2024, 4:45 PM

Recommended for you