Experts at Kaspersky, a cybersecurity solutions company, warn the public of escalating dangers driven by artificial intelligence (AI) and increased automation. Its latest report foresees a spike in cyberattacks, particularly targeting the financial industry including direct payment systems, and a rise in backdoored open-source packages.
Reflecting on previous predictions, Kaspersky has anticipated the uptick in Web3 threats and the growing demand for malware loaders.
Kaspersky predicts that 2024 is poised for AI-fueled cyberattacks mimicking genuine communication channels, likely resulting in an influx of lower-quality campaigns. Direct payment systems’ popularity might lead to clipboard malware and heightened exploitation of mobile banking Trojans, exemplified by the global expansion of families like Grandoreiro, targeting numerous banks across 40 countries.
Kaspersky predicts new exploits from APT actors in 2024
Kaspersky: Lack of cybersecurity budget puts retail sector at risk
Surge in open-source backdoored packages
The company also said that the year forecasts a troubling surge in open-source backdoored packages, exploiting vulnerabilities in widely used software, potentially causing data breaches and financial losses. The evolving cybercriminal ecosystem anticipates more fluid affiliate groups, making it challenging for law enforcement to track and combat cybercrime effectively.
Kaspersky also sees crimeware actors are expected to shift to more reliable one-day exploits due to a shortage of zero-days, while misconfigured devices and services present unauthorized access points for launching attacks. Financial institutions must brace for these evolving threats by implementing proactive cybersecurity strategies and fostering sector-wide collaboration.
“To stay ahead, financial institutions and organizations must proactively adapt their cybersecurity strategies, fortifying defenses to safeguard assets and sensitive data,” said Marc Rivero, lead security researcher at GReAT. “The key to success lies in fostering collaboration between the public and private sectors, forging a united front against the escalating risks that define the financial cybersecurity terrain in the year ahead.”