29. 1. 2024

Cybersecurity was dominated by ransomware, hacktivism and artificial intelligence

Financial losses, election rigging and a polarised society. Where have cyber threats got us and what lies ahead?

Each year, the World Economic Forum compiles a list of global risks over a two to ten year horizon. In the 2024 Global Risks Report, misinformation and disinformation generated by artificial intelligence have risen to second place

Simple user interfaces and AI tools have enabled an explosion of distorted, misleading, manipulated and falsified information. They have been given their own label “synthetic content”. This means everything from sophisticated voice and image cloning to fake websites.

We are back to the same thing

However, Michal Srnec from Aliter Technologies points out that the situation in Slovakia is more complex because of the increased susceptibility to misinformation. In fact, the Media Literacy Index ranks us in the third cluster out of five.

The index covers 41 countries and measures potential vulnerability to disinformation in Europe, the UK and the Balkans. It takes into account the quality of education, media freedom, the level of trust in society and the use of new tools for participation. Higher scores indicate better resilience of a society to the impact of disinformation and related phenomena. Slovakia scored 48 out of a hundred, placing us in the middle of the ranking.

The trend is clear

Slovakia’s position in the media literacy rankings and the expanding risk of disinformation are very worrying trends. This combination is causing us to sink lower and lower in our ability to withstand disinformation, while the threats associated with it are rocketing. How to defend yourself? “The first step is to think critically when receiving information,” says Michal Srnec. Verifying messages is important, ideally through alternative communication channels. “Also be aware of social engineering tactics that often put pressure on individuals. It is this pressure that is the common denominator of many cyberattacks.”

Cyber attacks

The fifth biggest global risk, according to the WEF Report, is cyber-attacks.

New technological tools are opening up new markets for criminal networks. As a source of revenue for organised crime, cybercrime is increasingly low-risk and low-cost. It poses a significant threat to individuals, institutions, companies and states.

Fraud continues unabated

The vast majority of cyber-attacks start with fraudulent emails or malware on websites. ESET’s detection systems around the world report that phishing threats still account for the majority of malicious detections. And Slovakia is no exception.

A worrying trend is the increase in the number of websites infected with malicious JavaScript code that can exploit the victim’s device for further attacks. With this threat, all it takes to compromise a device is for the victim to visit an infected website.

More and more money

Analyst firm IDC reports that global cybersecurity spending was at an all-time high in 2023 – up to $219 billion – and predicts double-digit growth over the next two years. This begs the question of why we are not seeing a drastic reduction in the number of cyber incidents.

“The reality is that cyber attacks will grow even more intense. Technology is advancing and threat actors are finding new ways,” predicts Tomáš Vobruba, security specialist at Check Point Software Technologies. “These years show us that most armed conflicts start with a cyberattack.”

Phishing attacks

For cybercriminals, it’s easier to log into a system using stolen credentials than to laboriously breach defenses and prowl for vulnerabilities.

Given the relative success and ease of phishing campaigns, there will be more and more attacks that use stolen login credentials. Additionally, phishing tactics will become more personalized and effective with the use of artificial intelligence, making it even more difficult to identify malicious activity.

Hackers activists

If geopolitical instability continues, hacktivist attacks will increase.

While many hacktivist groups use political agendas as a reason for attacks, they often do so to mask ulterior motives. The trend suggests that the lines between hacktivism and commercial attacks will blur as hacktivist groups use ransomware as a source of revenue to fund various activities.

More sophisticated extortion

There is expected to be a proliferation of “Living Off The Land” techniques that use legitimate system tools for attacks. This more subtle approach is more difficult to detect and emphasizes the need for preventative strategies. In particular, this involves guided detection and response that can pinpoint anomalies in device and network behaviour.

Even as organisations strengthen defences against ransomware, data losses or leaks are likely to increase. An important factor may be the growing reliance on SaaS platforms that store sensitive data as part of application services.

Control of suppliers

The number of incidents involving the supply chain is alarming and the impact of such an attack can be far-reaching. For organisations, this means that they will need to assess supplier security measures more closely.

This is where stricter supply chain security protocols are essential. This is because cybercriminals are targeting smaller suppliers to gain access to larger companies.

The scissors are opening

“As new and growing risks emerge, cyber defence strategy is changing,” predicts Jozef Bálint from Alison Slovakia. As security software and hardware see marked developments, cyber defences are becoming increasingly sophisticated.

At the same time, however, defences will have to work more with the weakest. Cyber attacks will increasingly focus on less digitally literate individuals and poorly secured infrastructures and systems.


SOURCE: Hospodárske noviny