CS Mar-Apr 2024

More documents

Recommendations

Info

2024 predictions UNCERTAINTY THE ONLY CERTAINTY PART 2 OF COMPUTING SECURITY'S DELVE INTO HOW THE 'DARKER FORCES' OF CYBER SECURITY MIGHT IMPACT THE INDUSTRY IN THE MONTHS AHEAD With 2024 awell underway, how it is likely to pan out for the security industry is a matter of certainty, conjecture, opinion and guesswork. What is certain is that it won't be any easier a ride than previous years when it comes to warding off the hackers and attackers, the ransomware demands, the less appealing aspects of AI or the many other threats that have to be faced up to and resisted. With those caveats in mind, here are the thoughts on what lies ahead, delivered by several of those in the know. JEFF WILLIAMS, CTO AND CO-FOUNDER, CONTRAST SECURITY: "Now that many people are working from home, due to coronavirus, businesses up and down the land are facing unprecedented cybersecurity challenges. Unfortunately, one of those challenges is that hackers are already attempting to capitalise on the crisis by attacking with viruses of their own. In fact, thousands of COVID-19-related websites are being launched by cybercriminals. "As organisations and workers navigate this new work-from-home world and the threats that come with it, the World Economic Forum has provided a checklist of ways that individual users and businesses can protect from cyberattacks during COVID-19 that are helpful: "Better understand threats to the organisation. Since more employees are working from home, security teams need to identify likely attack vectors and prioritise the protection of their most sensitive information and business-critical applications "Provide clear guidance and encourage communication. Companies need to ensure that security policies for workers are clear and easy to follow. This includes instructing employees to communicate with internal security teams about any suspicious activities "Ensure the right security capabilities. Organisations need to ensure that all corporate-owned or managed devices are equipped with the best security capabilities, extending the same network security best practices that exist within the enterprise to all remote environments." PHILIP BRIDGE, PRESIDENT, ONTRACK: "Changes in our work habits can cause us to make mistakes that we might not have ordinarily made. Remote working has added a huge number of endpoints to organisations that may not have been there previously. Systems that are now being used to connect to a company's infrastructure may not have been vetted or provided by the employer. These new endpoints may be lacking in the security controls that corporate machines would have. "Remote working also gives corporations less control over their employees - what they are doing and when. More distractions at home can lead to increased engagement in risky behaviour such as clicking on links they wouldn't usually click on if they were in the office. "We have to remember that cybersecurity is mostly a human issue; the employee controlling the computer will always be the weakest point of any system, for example; ransomware through a phishing email only has legs, if an employee clicks on the link in the email. Employees need to be extra vigilant when remote working to ensure they are keeping optimal security practices." COREY NACHREINER, CHIEF SECURITY OFFICER, WATCHGUARD TECHNOLOGIES "The most prominent attacks and information security trends the WatchGuard Threat Lab believes will emerge in 2024 include: malicious prompt engineering tricks targeting large language models (LLMs); managed service providers (MSPs) doubling down on unified security platforms with heavy automation; 'Vishers' scaling their malicious operations with AI-based voice chatbots; and hacks on modern VR/MR headsets… to name a few. "Every new technology trend opens up new attack vectors for cybercriminals. In 2024, we believe that emerging threats targeting companies and individuals will be even more intense, complicated and difficult to manage. With an ongoing cybersecurity skills shortage, the need for MSPs [managed service providers], unified security, and automated platforms to bolster cybersecurity and protect organisations from the ever-evolving threat landscape has never been greater. "While people are experimenting with LLMs to increase operational efficiency, threat actors are learning how to maliciously exploit LLMs," states Nachreiner. "Using techniques like prompt injection or prompt extraction, threat 18 computing security March/April 2024 @CSMagAndAwards www.computingsecurity.co.uk
2024 predictions ?? ? actors can sometime bypass and LLMs designer-imposed limits and access data they shouldn't. During 2024, WatchGuard Threat Lab predicts that a smart prompt engineer, whether a criminal attacker or researcher, will crack the code and manipulate an LLM into leaking private data. "With around 3.4 million open cybersecurity jobs and fierce competition for available talent, more SMEs will turn to trusted managed service and security service providers, (MSPs and MSSPs), to protect them in 2024. To accommodate growing demand and scarce staffing resources, MSPs and MSSPs will double down on unified security platforms with heavy automation, using artificial intelligence and machine learning. "Cybercriminals can buy dark web tools to send spam email, automatically craft convincing texts and scrape the Internet for a target's information, but a lot of these tasks are still manual and require attackers to target one user at a time. Well-formatted tasks like these are perfect for AI automation - making it likely that AI-powered tools will emerge as 2024's dark web best sellers. "Finally, while QR codes have been around for decades, we expect a major headline-stealing hack in 2024, caused by an employee following a QR code to a malicious destination." DAVID MAHDI, CHIEF IDENTITY OFFICER, TRANSMIT SECURITY "Generative AI is enabling fraudsters to create more deceptive phishing campaigns, deepfakes and cyberthreats that evade standard detection methods. While ChatGPT can be used for malicious intent, it has some security guardrails. So bad actors quickly recognised they could build their own services to create and proliferate fraud campaigns. "Enter: FraudGPT, a service (among others) on the dark web giving cybercriminals the power of generative AI, with no security limitations. Want malicious code? Just ask. Need language translation and images for a phishing campaign? Done to perfection. Phishing attacks have increased over 1,200% in 2023 - a meteoric rise since the release of GenAI. "So, what can security leaders expect? At minimum, the volume and sophistication of attacks will continue to rise as GenAI gets smarter and bad actors learn how to wield its power. And it's not just phishing attacks. Fraudsters are now able to create polished, eye-catching ads for fake goods or services, collecting payments for goods that are never sent or leading victims to download remote access trojans (RATs) or banking trojans. Once installed, they log keystrokes or overlay fake login forms to steal credentials, even one-time passcodes. "Perhaps more unsettling, scammers are starting to use conversational bots on social media to mimic local dialects, professional language or gamer lingo, for example. They can even respond to DMs to build relationships and create positive, but fake, reviews. We expect this type of manipulation to grow and facilitate new types of fraudulent schemes." What can security leaders do? asks Mahdi. "To protect against the expected increase in volume and velocity of attacks, security leaders need to prepare their teams, process and technology. From a technology perspective, it's crucial to implement identity and security solutions that use equally powerful AI and ML. Advanced cybersecurity and anti-fraud must be fused with customer identity and access management (CIAM). For accurate detection of evasive threats, it's essential to leverage hundreds of detection methods and analyse anomalies within the full context of all that's happening in real time. Orchestration is a key component necessary for consolidating capabilities and correlating data - for contextaware risk and trust decisioning. From a process perspective, fraud teams should conduct table-top exercises and threat simulations to ensure they're ready." Jeff Williams, Contrast Security: thousands of COVID-19-related websites are being launched by cybercriminals. Phil Bridge, Ontrack: cybersecurity is mostly a human issue. www.computingsecurity.co.uk @CSMagAndAwards March/April 2024 computing security 19
Page 1: Computing Security Secure systems,
Page 4 and 5: Secure systems, secure data, secure
Page 6 and 7: news TORSION ANNOUNCES FILING OF PA
Page 8: news Greg Wetmore, Entrust. TIME TO
Page 11 and 12: legal focus GETTING YOUR ACT TOGETH
Page 13 and 14: artificial intelligence stratospher
Page 15 and 16: artificial intelligence "In an intr
Page 17: Computing Security Secure systems,
Page 21 and 22: 2024 predictions ?? ? security is t
Page 23 and 24: iometric cybersecurity the previous
Page 25 and 26: data management NEW DATA STATS ARE
Page 27 and 28: energy industry incidents in 2020 -
Page 29 and 30: ansomware NEW THREAT ACTORS SEND RA
Page 31 and 32: penetration testing I.T. SYSTEMS RE
Page 33 and 34: endpoint protection GETTING STRAIGH

CS Mar-Apr 2024

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?