IBM predicts attackers will strengthen their arsenals with generative AI and take their attack tradecraft to a new, more lethal level in 2024. The new year signals the start of a new era of deception and identity abuse, IBM’s predictions warn, with attackers compromising networks with counterfeit and stolen privileged access credentials.
Seventy-five percent of security failures start because privileged access credentials and their associated identities aren’t managed securely, according to Gartner. That’s up from 50% just three years ago.
Unit 42’s Cloud Threat Report found that 99% of analyzed identities across 18,000 cloud accounts from more than 200 organizations had at least one misconfiguration, indicating gaps in Identity Access Management (IAM) security.
CrowdStrike’s 2023 Threat Hunting Report found that “80% of cyberattacks leveraged identity-based strategies to compromise authentic credentials and attempt to evade detection.” The report continues, “This year, the report reveals adversaries are doubling down on stolen credentials, with a 112% year-over-year increase in advertisements for access-broker services identified in the criminal underground.”
Why gen AI is becoming the new DNA of cyberattacks
Attackers know where the most vulnerable gaps are across threat surfaces, and they’re using gen AI to find new ways to exploit them. IBM implies that attack strategies will take a more multidimensional approach, with more sophisticated social engineering tactics created using gen AI leading the way.
Here are IBM’s ten cybersecurity predictions for 2024:
- 2024 will be the year of deception. Charles Henderson, global head, IBM X-Force, predicts 2024 is going to be a busy year for cybercriminals amid ongoing geopolitical tensions, major elections in the U.S. and European Union and the biggest sporting event in the world (Paris Olympics) all taking place within a few months of each other. Henderson notes, “It’s a perfect storm of events that’s going to see disinformation campaigns on a whole new level.”
  “Cybercriminals have everything they need to deceive unsuspecting users, consumers and even public officials through AI-engineered deception tactics. We’re about to see improved deep fakes, audio fakes and very convincing AI-crafted phishing emails in cybercriminals’ efforts to deceive the public and advance their malicious objectives,” Henderson added.
- GenAI is about to make “customer acquisition” much easier for cybercriminals. Henderson says that cybercriminals have had limited success monetizing the data they’ve exfiltrated from tens of thousands of companies. He points out that gen AI is already changing that. Gen AI allows for the data to be filtered, correlated and categorized in minutes. Thus, attackers’ strategies will look more like a customer acquisition process as the year progresses.
- Enterprises are going to see an influx of “Doppelgänger Users” as identity-based attacks escalate. “In the next year, I expect we’ll see more ‘doppelgänger’ users popping up in enterprise environments, with users behaving a certain way one day, and another way the next — this abnormal behavior should be enterprises’ sign of compromise,” predicts Dustin Heywood, chief architect of IBM X-Force. “With millions of valid enterprise credentials on the Dark Web right now and the number continuing to rise, attackers are weaponizing identity, viewing it as a stealthy means of access to overprivileged accounts.”
- Get ready for the AI version of Morris Worm signaling a new era of cyberattacks. The Morris Worm is considered the first cyberattack ever reported in 1988. John Dwyer, head of research, IBM X-Force, says a “Morris Worm-like” event where AI is confirmed to be used to scale a malicious campaign is imminent. “With AI platforms starting to become generally available to businesses, adversaries will begin testing the nascent AI attack surface with activity increasing as AI adoption begins to scale. While we’re still far out from the day where AI-engineered cyberattacks become a norm, these things don’t happen overnight – but the ‘premiere’ is likely around the corner,” predicts Dwyer.
- Amid a midlife crisis, ransomware is heading for a makeover. Dwyer predicts “ransomware may be facing a recession in 2024, as more nations pledge not to pay the ransom, and increasingly fewer enterprises succumb to the pressure of encrypted systems – choosing to divert funds to rebuilding systems versus decrypting systems.” IBM found that ransomware operators struggle with cash flow issues, making it difficult to fund their resource-intensive campaigns.
- Generative AI adoption will force CISOs’ focus on critical data. Akiba Saeedi, vice president of data security, IBM Security, says that “data security, protection and privacy measures are the linchpin to the success of an AI-driven business model, but with data becoming more dynamic and active across the environment, the discovery, classification and prioritization of critical data will be a top action for security leaders in 2024.” Saeedi observes that “with enterprises beginning to embed gen AI into their infrastructure, they’re dealing with new risk introduced by centralizing various types of data into AI models, various stakeholders accessing those models and data they’re ingesting, as well as the actual inference and live use of the model. This risk will drive CISOs to redefine what data can introduce an existential threat to the organization if compromised (e.g. fundamental IP) and reassess the security and access controls surrounding it.”
- Gen AI will level up the role of security analysts. Chris Meenan, vice president, product management, IBM Security, says companies have been using AI/ML to improve the efficacy of security technologies for years – but the introduction of generative AI will be aimed squarely at maximizing the human element of security. Meenan predicts that “in this coming year, gen AI will begin to take on certain tedious, administrative tasks on behalf of security teams – but beyond this, it will also enable less experienced team members to take on more challenging, higher level tasks.” “By embedding this kind of gen AI into existing workflows, it will not only free up security analysts’ time in their current roles but enable them to take on more challenging work – alleviating some of the pressure that has been created by current security workforce and expertise challenges,” Meenan predicts.
- From threat prevention to prediction — cybersecurity nears a historic milestone. “As AI crosses a new threshold, security predictions at scale are becoming more tangible,” observes Sridhar Muppidi, CTO, IBM Security. “Although early security use cases of generative AI focus on the front end, improving security analysts’ productivity, I don’t think we’re far from seeing generative AI deliver a transformative impact on the back end to completely reimagine threat detection and response into threat prediction and protection,” Muppidi says.
- A new approach to security’s “Identity Crisis” is coming. Wes Gyure, director of identity and access management, IBM Security, observes that “In the past, organizations hoped to consolidate these identities via a single identity solution or platform, but in today’s reality organizations are coming to terms with the fact that this approach is neither practical nor feasible.” Gyure predicts that “In the coming year, organizations will move to embrace an ‘identity fabric’ approach which aims to integrate and enhance existing identity solutions rather than replace them. The goal is to create a less complex environment where consistent security authentication flows and visibility can be enforced.”
- “Harvest Now, Decrypt Later” attacks to become more common with quantum advancements. “Quantum system performance continues to scale closer to the point of being cryptographically relevant, with studies conducted by World Economic Forum, National Security memorandums, and timelines published by CNSA suggesting quantum computers may have the ability to break the most widely used security protocols in the world by as early as the 2030s,” predicts Ray Harishankar, IBM Fellow, IBM Quantum Safe. He cautions that “systems are susceptible to ‘harvest now, decrypt later’ attacks — where bad actors steal and store data for later decryption on the chance of accessing such future quantum computers. With quantum computing advancing rapidly, we believe these attacks will become more common over the next several years.” Harishankar says the U.S. National Institute of Standards and Technology (NIST) has already begun the process of developing new quantum-safe cryptography standards and is expected to publish its first official standards in early 2024.
VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact.