IBM’s 2024 predictions show gen AI is the new DNA of cyberattacks

IBM predicts attackers will strengthen their arsenals with generative AI and take their assault tradecraft to a brand new, extra deadly stage in 2024. The brand new yr alerts the beginning of a brand new period of deception and id abuse, IBM’s predictions warn, with attackers compromising networks with counterfeit and stolen privileged entry credentials. 

Seventy-five percent of security failures begin as a result of privileged entry credentials and their related identities aren’t managed securely, in line with Gartner. That’s up from 50% simply three years in the past. 

Unit 42’s Cloud Threat Report discovered that 99% of analyzed identities throughout 18,000 cloud accounts from greater than 200 organizations had a minimum of one misconfiguration, indicating gaps in Id Entry Administration (IAM) safety. 

CrowdStrike’s 2023 Threat Hunting Report discovered that “80% of cyberattacks leveraged identity-based methods to compromise authentic credentials and attempt to evade detection.” The report continues, “This yr, the report exhibits adversaries are doubling down on stolen credentials, with a 112% year-over-year enhance in commercials for access-broker companies recognized within the prison underground.” 

Why gen AI is changing into the brand new DNA of cyberattacks 

Attackers know the place probably the most susceptible gaps are throughout risk surfaces, they usually’re utilizing gen AI to seek out new methods to take advantage of them. IBM implies that assault methods will take a extra multidimensional method, with extra refined social engineering ways created utilizing gen AI main the way in which. 

Listed here are IBM’s ten cybersecurity predictions for 2024:   

• 2024 would be the yr of deception. Charles Henderson, world head, IBM X-Pressure, predicts 2024 goes to be a busy yr for cybercriminals amid ongoing geopolitical tensions, main elections within the U.S. and European Union and the most important sporting occasion on this planet (Paris Olympics) all happening inside a couple of months from one another. Henderson notes, “It’s an ideal storm of occasions that’s going to see disinformation campaigns on an entire new stage.”

  “Cybercriminals have all the pieces they should deceive unsuspecting customers, shoppers and even public officers by AI-engineered deception ways. We’re about to see improved deep fakes, audio fakes and really convincing AI-crafted phishing emails in cybercriminals’ efforts to deceive the general public and advance their malicious targets,” Henderson added.

• GenAI is about to make “buyer acquisition” a lot simpler for cybercriminals. Henderson says that cybercriminals have had restricted success monetizing the information they’ve exfiltrated from tens of hundreds of corporations. He factors out that gen AI is already altering that. Gen AI permits for the information to be filtered, correlated and categorized in minutes. Thus, attackers’ methods will look extra like a buyer acquisition course of because the yr progresses.  

• Enterprises are going to see an inflow of “Doppelgänger Customers” as identity-based assaults escalate. “Within the subsequent yr, I count on we’ll see extra “doppelgänger” customers popping up in enterprise environments, with customers behaving a sure means at some point, and one other means the following — this irregular conduct must be enterprises’ signal of compromise,’ predicts Dustin Heywood, chief architect of IBM X-Pressure. “With hundreds of thousands of legitimate enterprise credentials on the Darkish Net proper now and the quantity persevering with to rise, attackers are weaponizing id, viewing it as a stealthy technique of entry to overprivileged accounts.” 

• Prepare for the AI Model of Morris Worm signaling a brand new period of cyberattacks. The Morris Worm is taken into account the primary cyberattack ever reported in 1988. John Dwyer, head of analysis, IBM X-Pressure says a “Morris Worm-like” occasion the place AI is confirmed for use to scale a malicious marketing campaign is imminent. “With AI platforms beginning to grow to be typically out there to companies, adversaries will start testing the nascent AI assault floor with exercise growing as AI adoption begins to scale. Whereas we’re nonetheless far out from the day the place AI-engineered cyberattacks grow to be a norm, this stuff don’t occur in a single day – however the ‘premiere’ is probably going across the nook,” predicts Dwyer. 

• Amid a midlife disaster, Ransomware is heading for a makeover.  Dwyer predicts “ransomware could also be going through a recession in 2024, as extra international locations pledge to not pay the ransom, and more and more fewer enterprises succumb to the stress of encrypted programs – selecting to divert funds to rebuilding programs versus decrypting programs.” IBM discovered that ransomware operators wrestle with money movement points making it tough to fund their resource-intensive campaigns. 

• Generative AI adoption will drive CISOs’ deal with important information. Akiba Saeedi, vice chairman of knowledge safety, IBM Safety, says that “information safety, safety and privateness measures are the linchpin to the success of an AI-driven enterprise mannequin, however with information changing into extra dynamic and energetic throughout the atmosphere, the invention, classification and prioritization of important information will probably be a prime motion for safety leaders in 2024.” Saeedi observes that “with enterprises starting to embed gen AI into their infrastructure, they’re coping with new threat launched by centralizing numerous varieties of information into AI fashions, numerous stakeholders accessing these fashions and information they’re ingesting,  in addition to the precise inference and reside use of the mannequin. This threat will drive CISOs to redefine what information can introduce an existential risk to the group if compromised (e.g. elementary IP) and reassess the safety and entry controls surrounding it.”

• Gen AI will stage up the function of safety analysts. Chris Meenan, vice chairman, product administration, IBM Safety says corporations have been utilizing AI/ML to enhance the efficacy of safety applied sciences for years – however the introduction of generative AI will probably be aimed squarely at maximizing the human factor of safety. Meenan predicts that “on this coming yr, gen AI will start to tackle sure tedious, administrative duties on behalf of safety groups – however past this, it can additionally allow much less skilled crew members to tackle more difficult, greater stage duties.”  “By embedding the sort of gen AI into current workflows, it is not going to solely release safety analysts’ time of their present roles however allow them to tackle more difficult work – assuaging a number of the stress that has been created by present safety workforce and abilities challenges,” Meenan predicts. 

• From risk prevention to prediction — cybersecurity nears a historic milestone. “As AI crosses a brand new threshold, safety predictions at scale have gotten extra tangible,” observes Sridhar Muppidi, CTO, IBM Safety. Muppidi predicts “Though early safety use circumstances of generative AI deal with the entrance finish, enhancing safety analysts’ productiveness, I don’t assume we’re removed from seeing generative AI ship a transformative impression on the again finish to utterly reimagine risk detection and response into risk prediction and safety,” Muppidi says.

• A brand new method to safety’s “Id Disaster” is coming. Wes Gyure, director of id and entry administration, IBM Safety, observes that “Up to now, organizations hoped to consolidate these identities by way of a single id answer or platform, however in immediately’s actuality organizations are coming to phrases with the truth that this method is neither sensible nor possible.” Gyure predicts that “Within the coming yr, organizations will transfer to embrace an “id cloth” method which goals to combine and improve current id options moderately than change them. The objective is to create a much less advanced atmosphere the place constant safety authentication flows and visibility may be enforced.”

• Harvest Now, Decrypt Later” assaults to grow to be extra frequent with Quantum developments. “Quantum system efficiency continues to scale nearer to the purpose of being cryptographically related, with research carried out by World Financial Discussion board, Nationwide Safety memorandums, and timelines revealed by CNSA suggesting quantum computer systems might have the flexibility to interrupt probably the most broadly used safety protocols on this planet by as early because the 2030s,” predicts Ray Harishankar, IBM Fellow, IBM Quantum Protected. He cautions that “programs are susceptible to “harvest now, decrypt later” assaults — the place unhealthy actors steal and retailer information for later decryption on the possibility of accessing such future quantum computer systems. With quantum computing advancing quickly, we imagine these assaults will grow to be extra frequent over the following a number of years.” Harishankar says the U.S. Nationwide Institute of Requirements and Expertise (NIST) has already begun the method of creating new quantum-safe cryptography requirements and is anticipated to publish its first official requirements in early 2024.