Researchers at cybersecurity solutions company Kaspersky predict that APT (Advanced Persistent Threat) actors will introduce new exploits across mobile, wearables, and smart devices, forming botnets, refining supply chain attacks, and using AI for more effective spear phishing. These advancements are expected to heighten politically motivated attacks and cybercrime.
AI (artificial intelligence) tools are poised to streamline spear phishing, enabling the mimicry of specific individuals through creative automation methods. This involves gathering online data to craft personalized messages and feed them to LLMs, potentially enhancing attackers’ abilities to deceive targets.
“Operation Triangulation,” highlighted this year by Kaspersky, signifies a pivotal year for mobile exploits, likely inspiring increased research into APTs targeting these devices. Threat actors are expected to widen surveillance efforts, exploiting vulnerabilities in various consumer devices using methods such as zero-click attacks via messengers and network traffic interception. Protecting personal and corporate devices becomes increasingly critical in this landscape.
Vulnerabilities in widely used software and appliances present another significant concern. Limited research and delayed fixes for high-severity vulnerabilities could pave the way for stealthy botnets capable of targeted attacks.
Nation-sponsored attacks
Geopolitical tensions are anticipated to drive a surge in state-sponsored cyberattacks, posing threats like data theft, infrastructure destruction, espionage, and cyber sabotage. Hacktivism, increasingly common in geopolitical conflicts, is likely to intensify, causing unnecessary investigations and alert fatigue among cybersecurity analysts.
Supply chain attacks targeting smaller firms to breach major ones, exemplified by the Okta breaches, remain a substantial threat. Motives range from financial gain to espionage. The year 2024 might witness advancements in dark web access markets facilitating more efficient and large-scale attacks.
The rise of hack-for-hire groups offering data theft services to diverse clients is expected to continue. Despite advanced security measures, APTs and cybercrime groups adeptly bypass kernel-level code execution barriers, leveraging abuses of the Windows Hardware Compatibility Program (WHCP) and underground markets for Extended Validation (EV) and code signing certificates. Windows kernel attacks are escalating.
Managed File Transfer (MFT) systems, as seen in breaches of MOVEit and GoAnywhere in 2023, face mounting cyber threats. The intricate MFT architecture within broader networks presents vulnerabilities, necessitating robust cybersecurity measures like Data Loss Prevention, encryption, and enhanced cybersecurity awareness to safeguard against evolving threats.