In a rapidly evolving digital landscape, Candid Wuest, VP of Cyber Protection Research, unveils a compelling prediction for 2024, highlighting the dynamic interplay between artificial intelligence (AI) and escalating cyber threats
1. AI continues to evolve, and cybercriminals are getting more creative. With the significant rise of AI in the past year, there’s been equally increasing security risks. We’ve seen a spike in FBI reports regarding the creation of deep fakes through generative AI. Cybercriminals have been exploiting deep fakes with the intention to cause serious consequences through misinformation, such as a public crisis, family extortion, or severe stock disruptions. It is probable that this will happen more often as the technology becomes better understood, especially with financial incentives. Some cybercriminals may also start using AI in creative ways to extract sensitive information. Phishing has become the “prime child” of generative AI, and I predict that these risks will still pose a threat without intervention. In 2024, I believe we will see a large number of new regulations surrounding AI.
2. Multi-factor authentication (MFA) is changing. Historically, MFA has been the tried-and-true method for best protecting sensitive information. This may be changing, however, as we’ve seen multiple high-profile MFA and social engineering attacks take place. As hackers have found ways to breach the system and circumvent the MFA, it could lead to a shift towards anti-phishing MFA technology becoming more widely used. This anti-phishing MFA process allows the user to log in by receiving a specific token or code that is not accessible on another device and is bound to the user’s session.
3. Consumers beware of ‘juice jacking.’ Earlier this year, Apple integrated USB-C charging into their new product lineup, potentially cementing a new standard for charging consumer technology devices. Public charging stations may therefore become more accessible to all consumers, which could pose an opportunity for increased instances of juice jacking in 2024. When a device is plugged into a compromised charging port, threat actors can use the connection to download the user’s data. This attack model is not massively scalable so this issue may be contained, but users must stay vigilant on updating their device’s software to patch vulnerabilities. Additionally, consumers can avoid being juice jacked by using a charging block instead of USB charging cable or using a cable that has the data connection cut.