Kaspersky researchers predict APT actors will introduce new exploits on mobile, wearables, and smart devices and use them to form botnets, refine supply chain attack methods, and utilize AI for more effective spear-phishing. 2024 might witness new developments in dark web access market activities related to supply chains, enabling more efficient and large-scale attacks. Hack-for-hire groups are on the rise, providing data theft services to clients ranging from private investigators to business rivals. These advancements are anticipated to intensify politically motivated attacks and cybercrime.
About Kaspersky
Kaspersky is a global cybersecurity and digital privacy company founded in 1997. Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect businesses, critical infrastructure, governments, and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection, specialized security products and services, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats.
The following summarizes Kaspersky’s prediction:
- AI-powered spear-phishing: Advanced threat actors will use AI tools to craft more convincing and personalized messages, mimicking the style and tone of specific individuals.
- New exploits for consumer devices: Mobile, wearables, and smart devices will be targeted by APTs for surveillance and data theft, using zero-click and one-click attacks, and network traffic interception.
- Rise of hacktivism and state-sponsored attacks: Geopolitical tensions will fuel more politically motivated cyberattacks, both destructive and aimed at spreading false information. Hack-for-hire groups will also offer data theft services to various clients.
- Supply chain attacks as a service: Dark web access market activities will enable more efficient and large-scale attacks on smaller firms to breach major ones, for financial gain or espionage.
- Windows kernel attacks and MFT system breaches: Windows kernel security measures will be bypassed by APTs and cybercrime groups, using WHCP abuses and BYOVD tactics. Managed File Transfer (MFT) systems will face escalating cyber threats, leading to operational disruptions and data loss.
By: DESTINY YOUNG
Technology Infrastructure and IT/Cybersecurity Engineer