With artificial intelligence (AI), cybercriminals are becoming more creative, faster, and more difficult to counter. For this reason, the costs to be incurred for cybersecurity will increase more and more.
According to some forecasts , cybersecurity costs will increase globally to $10.5 trillion by 2025, due to the growing sophistication of cybercrime. This is also thanks to the continuous evolution of AI, which helps cybercriminals to become increasingly creative.
Several analysts highlighted the escalating threat posed by the proliferation of deepfakes generated through advanced AI. A surge in FBI reports also reflects this trend. These malicious creations, intended to sow disinformation and inflict severe harm, have led to a rise in public crises, family extortion, and operational disruptions.
The increasing sophistication of generative AI, coupled with financial incentives, is expected to intensify these threats, prompting the anticipation of a wave of new regulations in 2024 to address the growing risks associated with AI.
Experts acknowledged the historical effectiveness of multi-factor authentication (MFA) in safeguarding sensitive information but noted a concerning trend of high-profile MFA and social engineering attacks. In response, they suggested a potential shift towards a more widespread adoption of MFA anti-phishing technology. This evolving approach involves users receiving unique tokens or codes for login, which are exclusive to the current session and cannot be reused on other devices.
Several experts also emphasized the necessity for ongoing adaptation to emerging threats, shedding light on ‘juice jacking’. They see it as a potential danger posed by charging cables that may compromise user data, especially in public charging hubs.
While acknowledging it as a limited risk, cybersecurity firms underscore the crucial importance of maintaining vigilance. Especially in the face of evolving cyber threats within our interconnected digital landscape.
Cyber protection firm Acronis chairman Gaidar Magdanurov emphasized the critical role of cyber protection – a holistic integration of cybersecurity and backup – as a paramount concern in bolstering cyber defenses.
Magdanurov envisioned a shift to multi-layered defense strategies in response to the widespread use of AI and automation. This approach includes preventative measures like vulnerability assessment, patch management, detection through endpoint control, and comprehensive remediation covering recovery, backup, and forensic analysis.
He highlighted customer expectations for seamless user experiences, driving vendors to improve integration with other applications. Predicting a rise in integration platforms, Magdanurov anticipateed increased API exposure, enabling vendors and specialized providers to access platform customer bases at minimal cost.
Reflecting on 2023, Magdanurov highlighted AI-assisted social engineering attacks. An example? The Las Vegas casino ransomware incident . Acronis chari predicted a rise in such attacks in 2024, potentially becoming widespread. Scenarios include AI-generated victim voices to bypass not only biometric authentication and deceptive interactions with IT helpdesks for password resets or 2FA disablement but also social engineering attacks targeting individual employees like ‘CEO fraud.’
Furthermore, Magdanurov warned about the pervasive use of Large Language Models (LLMs). AI models like ChatGPT may help generate copious amounts of text. This could flood the internet, forums, company blogs, and social media with fake content, not necessarily driven by malicious intent but due to the challenge of distinguishing valid ChatGPT responses from LLM forgeries.
Experts suggest this may extend to platforms like Wikipedia, emphasizing the need for heightened vigilance against AI-generated content.
Head of Cybersecurity at Acronis, Kevin Reed, said a future where programmers ubiquitously leverage LLMs to automatically generate code, akin to the past reliance on Stack Overflow but on an unprecedented scale.
Reed said: “The pervasive use of LLMs raises concerns about diagnosing resulting bugs and potential security vulnerabilities, creating a challenging landscape that could be exploited, potentially with additional LLM assistance.”
He also predicted the adoption of LLMs by ransomware authors to craft more sophisticated malicious software. Despite protective measures implemented by LLMs, Reed emphasized the persistent challenge of deducing the intent of software development. This leaves room for bypasses and the continued proliferation of ransomware.
Expressing skepticism about large companies significantly enhancing their protections, Reed anticipated a surge in high-profile ransomware attacks.
“As a result, cybercriminals are likely to shift their focus to medium-sized companies, seeking additional avenues to scale their operations. While ransomware deployment currently relies heavily on manual operations, the automation of these processes could enable attacks on a larger scale, albeit with potentially reduced extortion amounts per target.”
The expert observed this trend unfolding, likening certain ransomware syndicates to franchises.
In response to these emerging threats, Reed underscored the anticipation of continued growth in cybersecurity spending. According to Gartner’s projection , global spending on cybersecurity and risk management may increase by 14% in 2024 compared to 2023. In fact, it may reach a staggering $215 billion this year. This increased investment reflects the growing imperative to counteract evolving cyber threats and safeguard digital landscapes against the expanding reach of malicious actors.