Trend Micro shares predictions for 2024 and foresees continued threat from AI-driven attacks

16/12/2023
86

Trend Micro urges industry-led regulation and innovative defense strategies
Amsterdam, Dec. 13, 2023 - Trend Micro, a leader in cybersecurity, warns of the transformative role of generative AI (GenAI) in the cybersecurity landscape and the increase in advanced social engineering attacks and identity theft due to the wide availability of GenAI tools.

Pieter Molen, Technical Director Benelux at Trend Micro said, "Advanced large language models (LLMs) pose a significant threat because they make traditional indicators of phishing, such as strange formatting or grammatical errors, invisible. This makes it extremely difficult to identify phishing emails. Organizations must go beyond conventional phishing measures and training and prioritize the implementation of modern security measures. These modern defenses are not only better at identifying malicious emails than humans, but also provide greater resilience against these tactics."

The wide availability and improved quality of GenAI, combined with the use of Generative Adversarial Networks (GANs), is expected to further disrupt the phishing market by 2024. This transformation will make it possible to create hyper-realistic audio and video content in a cost-effective manner that will increase business email compromise (BEC), virtual kidnapping and other scams.

The potentially lucrative profits* cybercriminals can reap will encourage them to further develop GenAI tools for criminal campaigns. In addition, we will more often see cybercriminals use legitimate tools with stolen login credentials or VPNs to hide their identities.

AI/ML models are becoming targets themselves
While GenAI and LLM datasets are difficult to influence, specialized cloud-based machine learning models are easier to compromise. The targeted datasets on which these ML models are trained are more likely to become targets of data poisoning attacks, aiming to steal sensitive data or disrupt fraud filters or even connected vehicles. It costs less than $100 to launch such attacks today.

However, these trends may also lead to increased regulatory oversight and provide an impetus for the cybersecurity industry to take matters into its own hands. "In the coming year, the cyber industry will outpace the government in terms of developing cybersecurity-specific AI policies or regulations," said Greg Young, VP of cybersecurity at Trend. "The industry is rapidly moving to opt-in-based self-regulation."

Other notable predictions for 2024 include:

  • An increase in cloud-native worm attacks is on the horizon, targeting vulnerabilities and misconfigurations. High levels of automation allow attackers to affect multiple containers, accounts or services with minimal effort.
  • Cloud security is critical for organizations to address gaps in the security of cloud environments. Because cloud-native applications are more vulnerable to automated attacks, proactive measures including robust defenses and thorough security audits are necessary to mitigate risks.
  • Supply chain attacks will no longer focus only on upstream open-source software components, but also on inventory identity management tools. Furthermore, we are going to see cybercriminals more frequently exploit vendor software supply chains through CI/CD systems, with a specific focus on third-party components.
  • Attacks on proprietary blockchains will increase due to vulnerabilities in their implementation. Malicious actors can abuse admin rights to modify, ignore or delete entries and then demand a ransom. They will also attempt to encrypt the entire blockchain when they have control over enough nodes.

Visit the website for more cybersecurity predictions from Trend Micro for 2024.

*BEC attacks cost victims more than $2.7bn in 2022, according to an FBI report.


About Trend Micro
At Trend Micro, we are all about creating a world where we can share digital information securely. We believe that cyber risks are also business risks, and enable organizations to gain full visibility into their digital assets to better understand how well they are protected and where to prioritize investments to reduce these risks.

Trend Micro helps organizations reduce cyber risk by anticipating global changes in modern infrastructures, evolutions in threats, shifts in user behavior and advances in application development. The company helps customers transform their cyber security from using isolated technologies to a unified security platform that accelerates digital transformation, hybrid team collaboration, SOC modernization, vendor consolidation and operationalization of zero trust strategies, while integrating with their existing investments and partner ecosystem.

Our platform and services are deployed by more than 500,000 enterprise customers in 175 countries and are recognized by industry analysts.

For more information:

Trend Micro
Ilona van Ginkel
E-mail: ilona_van_ginkel@trendmicro.com

Whizpr
Paul Maris / Martine Korthals
E-mail: trendmicro@whizpr.nl

Read more: here.

Recent

Caseware Welcomes Danielle Supkis Cheek as Vice President, Head of Analytics and AI

'On paper, engineering education cannot inspire'

'State actors employ increasingly sophisticated cyber attacks'

Several vulnerabilities in Microsoft Office

© Dutch Tech On Heels - 2024
Made with
Web Wings