Cybersecurity experts from SecurityScorecard are unveiling a set of 2024 predictions that highlight the evolving threats organizations and governments will face in the digital landscape, from AI-driven attacks to the impact of third-party breaches on cybersecurity.
Ryan Sherstobitoff, Senior Vice President, Threat Research & Intelligence, SecurityScorecard
Threat actors will use AI to exploit Zero Days in half the time.
Threat actors are harnessing the power of artificial intelligence to work faster. The surge in AI adoption seen in 2023 is just the beginning. In the coming year, we predict an exponential increase in zero-day vulnerabilities. Here's the kicker: Threat actors will exploit large language models (LLMs) to craft sophisticated exploits, reducing the average time to known exploitation by half. The result? A fierce AI arms race between defenders and attackers, both leveraging technology for protection and infiltration.
Crypto clash: 2024 halving event rings cybersecurity alarm bells!
Cryptocurrency has long been a haven for nefarious actors, taking advantage of its decentralized nature to launder money. But mark your calendars for Spring 2024, as Bitcoin's next halving event approaches. This event, occurring every four years, will cut the rate of new Bitcoin creation in half. What does this mean for cybersecurity? Brace for an uptick in ransomware attacks targeting cryptocurrency exchanges, exploiting known vulnerabilities, and using phishing tactics to capitalize on this event.
Jared Smith, Distinguished Engineer, R&D Strategy, SecurityScorecard
Nation-state threat actors will exploit the power of deepfakes, LLMs, and AI voice impersonations to conduct widespread social engineering attacks leading up to the 2024 U.S. presidential elections.
In the lead-up to the 2024 US presidential elections, a new era of misinformation will increase public distrust. Nation-state threat actors are embracing cutting-edge technologies, such as deepfakes, LLM-created phishing emails and smishing texts, and AI voice impersonations, to supercharge their disinformation campaigns. These coordinated efforts will usher in an era of social engineering at scale, creating highly realistic misinformation that blurs the line between fact and fiction. Prepare for a battle against deceptive manipulation like never before.
Third-party cyber risk tsunami: 60% of breaches will originate from a third or fourth party.
In 2024, our threat researchers predict that 60% of breaches will be traced back to third or fourth parties. The year 2023 served as a stark reminder of the looming threat posed by third-party cyber risks. Once cybercriminals compromise widely-used software, they gain access to hundreds, or even thousands, of organizations. Your security resilience is only as strong as the weakest link in your ecosystem. To stay secure, you must gain complete visibility into your own security, your vendors, and even your vendors' vendors. Recent incidents like the Okta and MOVEit breaches underscore the profound ripple effect a single software flaw can have on the entire threat landscape.