Ahead of the Curve: Kaspersky’s Projections for 2024’s Advanced Threats Landscape

(source: Kaspersky)

Kaspersky Global Research and Analysis Team (GReAT) experts offer insights and projections for 2024 in the Kaspersky Security Bulletin, focusing on the evolution of Advanced Persistent Threats (APT).

AI-powered Impersonation, The Rise of Creative Exploits for Mobile, and New Botnets

Emerging AI tools are making spear phishing attacks more efficient by automating the process of creating messages that can mimic the writing style of a specific individual. Attackers can gather online data and use it to train large language models (LLMs) to craft letters that are more likely to deceive the victim by appearing to be from someone they know or trust. This poses a significant threat to individuals and organizations, making it easier for cybercriminals to infiltrate sensitive systems and steal valuable information.

“Operation Triangulation” has led to a groundbreaking year for mobile exploits. This has inspired more research on APTs attacking mobile, wearables, and smart devices. As such, threat actors will likely broaden their surveillance efforts and target various consumer devices through vulnerabilities and “silent” exploit delivery methods. This includes zero-click attacks through messengers, one-click attacks via SMS or messaging apps, and network traffic interception. Therefore, protecting personal and corporate devices has become increasingly vital.

Growth in Cyberattacks by State-sponsored Actors and Hacktivism as a New Normal

With increasing geopolitical tensions, there is a potential surge in state-sponsored cyberattacks in the year ahead. These attacks will likely threaten data theft or encryption, destruction of IT infrastructure, long-term espionage, and cyber sabotage.

Hacktivism is another trend that has become more common as part of geopolitical conflicts. Geopolitical tensions indicate a probable increase in hacktivist activity, both destructive and aimed at spreading false information. This leads to unnecessary investigations and, subsequently, alert fatigue of SOC analysts and cybersecurity researchers.

Supply Chain Attacks as a Service: Operators’ Bulk-buying Access

Supply chain attacks are becoming increasingly common, with smaller companies often targeted to breach larger ones. The Okta breaches that occurred in 2022-2023 highlight the scale of this threat. The motives behind these attacks can range from financial gain to espionage. In 2024, there may be new developments in dark web access market activities related to supply chains, enabling even more efficient large-scale attacks.

Emergence of More Groups Offering Hack-for-hire Services

Hack-for-hire groups are growing, offering data theft services to clients such as private investigators and business rivals. This trend is expected to continue in the coming year.

Kernel Rootkits are Hot Again

Kernel-level security measures such as Kernel Mode Code Signing, PatchGuard, and HVCI (Hypervisor-Protected Code Integrity) are being bypassed by cybercrime groups and APTs. This leads to a rise in Windows kernel attacks, enabled through WHCP abuses. The underground market for EV certificates and stolen code signing certificates is growing. Threat actors increasingly use BYOVD (Bring Your Own Vulnerable Driver) as a part of their tactics.

Managed File Transfer (MFT) Systems Used for Advanced Attacks

MFT systems face increasing cyber threats, exemplified by the breaches of MOVEit and GoAnywhere in 2023. Cyber adversaries are targeting MFT systems for financial gain and operational disruptions. The complex MFT architecture has inherent security weaknesses, making it vulnerable. 

To strengthen MFT systems against evolving threats, organizations should implement robust cybersecurity measures such as Data Loss Prevention and encryption. Additionally, promoting cybersecurity awareness among employees can help fortify MFT systems against potential attacks.

The APT predictions have been developed thanks to Kaspersky’s threat intelligence services used worldwide. Read the full report on Securelist.

Written by
Tech Beat Philippines

Tech Beat Philippines is the social media news platform for all things technology. It is also a part of the GEARS section on Daddy's Day Out.
