IBM predicts attackers will strengthen their arsenals with generative AI and take their attack tradecraft to a new, more lethal level in 2024. The new year signals the start of a new era of deception and identity abuse, IBM’s predictions warn, with attackers compromising networks with counterfeit and stolen privileged access credentials.
Seventy-five percent of security failures start because privileged access credentials and their associated identities aren’t managed securely, according to Gartner. That’s up from 50% just three years ago.
Unit 42’s Cloud Threat Report found that 99% of analyzed identities across 18,000 cloud accounts from more than 200 organizations had at least one misconfiguration, indicating gaps in Identity and Access Management (IAM) security.
CrowdStrike’s 2023 Threat Hunting Report found that “80% of cyberattacks leveraged identity-based methods to compromise legitimate credentials and try to evade detection.” The report continues, “This year, the report reveals adversaries are doubling down on stolen credentials, with a 112% year-over-year increase in advertisements for access-broker services identified in the criminal underground.”
Why gen AI is becoming the new DNA of cyberattacks
Attackers know where the most vulnerable gaps are across threat surfaces, and they’re using gen AI to find new ways to exploit them. IBM implies that attack strategies will take a more multidimensional approach, with more sophisticated social engineering tactics created using gen AI leading the way.
Here are IBM’s ten cybersecurity predictions for 2024:
- 2024 will be the year of deception. Charles Henderson, global head, IBM X-Force, predicts 2024 is going to be a busy year for cybercriminals amid ongoing geopolitical tensions, major elections in the U.S. and European Union and the biggest sporting event in the world (Paris Olympics) all taking place within a few months of each other. Henderson notes, “It’s a perfect storm of events that’s going to see disinformation campaigns on a whole new level.”
“Cybercriminals have everything they need to deceive unsuspecting users, consumers and even public officials through AI-engineered deception tactics. We’re about to see improved deep fakes, audio fakes and very convincing AI-crafted phishing emails in cybercriminals’ efforts to deceive the public and advance their malicious goals,” Henderson added.
- GenAI is about to make “customer acquisition” much easier for cybercriminals. Henderson says that cybercriminals have had limited success monetizing the data they’ve exfiltrated from tens of thousands of companies. He points out that gen AI is already changing that. Gen AI allows for the data to be filtered, correlated and categorized in minutes. Thus, attackers’ strategies will look more like a customer acquisition process as the year progresses.
- Enterprises are going to see an influx of “Doppelgänger Users” as identity-based attacks escalate. “In the next year, I expect we’ll see more ‘doppelgänger’ users popping up in enterprise environments, with users behaving a certain way one day, and another way the next — this irregular behavior should be enterprises’ sign of compromise,” predicts Dustin Heywood, chief architect of IBM X-Force. “With millions of valid enterprise credentials on the Dark Web right now and the number continuing to rise, attackers are weaponizing identity, viewing it as a stealthy means of access to overprivileged accounts.”
- Get ready for the AI version of the Morris Worm signaling a new era of cyberattacks. The Morris Worm is considered the first cyberattack ever reported, in 1988. John Dwyer, head of research, IBM X-Force, says a “Morris Worm-like” event where AI is confirmed to be used to scale a malicious campaign is imminent. “With AI platforms starting to become generally available to businesses, adversaries will begin testing the nascent AI attack surface with activity increasing as AI adoption begins to scale. While we’re still far out from the day where AI-engineered cyberattacks become a norm, these things don’t happen overnight – but the ‘premiere’ is likely around the corner,” predicts Dwyer.
- Amid a midlife crisis, ransomware is heading for a makeover. Dwyer predicts “ransomware may be facing a recession in 2024, as more nations pledge to not pay the ransom, and increasingly fewer enterprises succumb to the pressure of encrypted systems – choosing to divert funds to rebuilding systems versus decrypting systems.” IBM found that ransomware operators struggle with cash flow issues, making it difficult to fund their resource-intensive campaigns.
- Generative AI adoption will force CISOs’ focus on critical data. Akiba Saeedi, vice president of data security, IBM Security, says that “data security, protection and privacy measures are the linchpin to the success of an AI-driven business model, but with data becoming more dynamic and active across the environment, the discovery, classification and prioritization of critical data will be a top action for security leaders in 2024.” Saeedi observes that “with enterprises beginning to embed gen AI into their infrastructure, they’re dealing with new risk introduced by centralizing various types of data into AI models, various stakeholders accessing those models and data they’re ingesting, as well as the actual inference and live use of the model. This risk will drive CISOs to redefine what data can introduce an existential threat to the organization if compromised (e.g. fundamental IP) and reassess the security and access controls surrounding it.”
- Gen AI will level up the role of security analysts. Chris Meenan, vice president, product management, IBM Security, says companies have been using AI/ML to improve the efficacy of security technologies for years – but the introduction of generative AI will be aimed squarely at maximizing the human element of security. Meenan predicts that “in this coming year, gen AI will begin to take on certain tedious, administrative tasks on behalf of security teams – but beyond this, it will also enable less experienced team members to take on more challenging, higher level tasks.” “By embedding this kind of gen AI into existing workflows, it will not only free up security analysts’ time in their current roles but enable them to take on more challenging work – alleviating some of the pressure that has been created by current security workforce and skills challenges,” Meenan predicts.
- From threat prevention to prediction — cybersecurity nears a historic milestone. “As AI crosses a new threshold, security predictions at scale are becoming more tangible,” observes Sridhar Muppidi, CTO, IBM Security. “Although early security use cases of generative AI focus on the front end, improving security analysts’ productivity, I don’t think we’re far from seeing generative AI deliver a transformative impact on the back end to completely reimagine threat detection and response into threat prediction and protection,” Muppidi predicts.
- A new approach to security’s “Identity Crisis” is coming. Wes Gyure, director of identity and access management, IBM Security, observes that “In the past, organizations hoped to consolidate these identities via a single identity solution or platform, but in today’s reality organizations are coming to terms with the fact that this approach is neither practical nor feasible.” Gyure predicts that “In the coming year, organizations will move to embrace an ‘identity fabric’ approach which aims to integrate and enhance existing identity solutions rather than replace them. The goal is to create a less complex environment where consistent security authentication flows and visibility can be enforced.”
- “Harvest Now, Decrypt Later” attacks to become more widespread with quantum advancements. “Quantum system performance continues to scale closer to the point of being cryptographically relevant, with studies conducted by World Economic Forum, National Security memorandums, and timelines published by CNSA suggesting quantum computers may have the ability to break the most widely used security protocols in the world by as early as the 2030s,” predicts Ray Harishankar, IBM Fellow, IBM Quantum Safe. He cautions that “systems are vulnerable to ‘harvest now, decrypt later’ attacks — where bad actors steal and store data for later decryption on the chance of accessing such future quantum computers. With quantum computing advancing rapidly, we believe these attacks will become more widespread over the next several years.” Harishankar says the U.S. National Institute of Standards and Technology (NIST) has already begun the process of developing new quantum-safe cryptography standards and is expected to publish its first official standards in early 2024.