Three UK cybersecurity trends to watch in 2024

Staying up to date with the latest in cybersecurity has arguably never been more important than in 2024. Financial services provider Allianz named cyberattacks this year's biggest risk for businesses in the UK and, for the first time, one of the main concerns for companies of all sizes. However, many professionals still do not know what the events of the first quarter tell us about the cyber landscape for the rest of the year, which could have important consequences.

TechRepublic consulted UK industry experts to identify the three biggest trends in cybersecurity – AI, zero-days and IoT security – and provide guidance on how businesses can best defend themselves.

1. Sophisticated AI cyberattacks

In January 2024, the UK's National Cyber Security Centre warned that the global ransomware threat was expected to increase due to the availability of artificial intelligence technologies, and that attacks would increase in both volume and impact. The risk for UK businesses is especially pronounced: a recent Microsoft report found that 87% are “vulnerable” or “at high risk” of cyber attacks. The Minister for AI and Intellectual Property, Viscount Camrose, has specifically highlighted the need for UK organizations to “step up [their] cybersecurity plans,” as it is the third most attacked country in the world when it comes to cyber attacks, after the United States and Ukraine.

James Babbage, director general of threats at the National Crime Agency, said in the NCSC publication: “Artificial intelligence services reduce barriers to entry, increase the number of cybercriminals and will increase their capacity by improving the scale, speed and effectiveness of existing attack methods.”

Criminals can use the technology to carry out more convincing social engineering attacks and gain initial access to the network. According to Google Cloud's global Cybersecurity Forecast report, large language models and generative AI “will increasingly be offered on underground forums as a paid service and used for various purposes, such as phishing campaigns and the spread of disinformation.”


Jake Moore, global cybersecurity advisor at antivirus and internet security company ESET, has been researching real-time cloning software that uses artificial intelligence to swap a video caller's face with another person's. He told TechRepublic via email: “This technology, along with impressive AI voice cloning software, is already starting to call into question the authenticity of a video call, which could have a devastating impact on businesses of all sizes.”

OpenAI announced on March 29, 2024 that it was taking a “cautious and informed approach” when it comes to releasing its voice cloning tool to the general public “due to the potential for misuse of synthetic voice.” The model, called Voice Engine, is capable of convincingly replicating a user's voice with just 15 seconds of recorded audio.

“Malicious hackers tend to use a variety of techniques to manipulate their victims, but impressive new technology without limits or regulations is making it easier for cybercriminals to influence people for financial gain and add yet another tool to their growing toolbox,” Moore said.

“Staff need to be reminded that we are entering an era where seeing is not always believing and verification remains the key to security. Policies should never be limited to spoken instructions and all staff should be aware (of real-time cloning software) that is about to explode in the next 12 months.”

2. Most successful zero-day exploits

Government statistics found that 32% of UK businesses suffered a known data breach or cyberattack in 2023. Raj Samani, senior vice president and chief scientist at unified cybersecurity platform Rapid7, believes enterprise attacks will continue to be particularly prevalent in the UK throughout this year, but added that threat actors are also more sophisticated.


He told TechRepublic in an email: “One of the most emerging trends during 2023 that we see continuing into 2024 is the large number of zero-days exploited by threat groups that we would not normally have anticipated having such capabilities.

“What this means for the UK cybersecurity sector is the demand for faster triage of the prioritization of security updates. It is imperative that organizations of all sizes implement an approach to improve the identification of critical advisories that impact their environment and incorporate context into these decisions.

“For example, if a vulnerability is being exploited in the wild and there are no compensating controls (and it is being exploited, for example, by ransomware groups), then the speed with which patches are applied will probably need to be prioritized.”


The UK government’s “Cyber Security Breaches Survey 2023” found declines in the key cyber hygiene practices of password policies, network firewalls, restricted administrator rights, and policies for applying software security updates within 14 days. While the data largely reflects changes in micro, small and medium-sized businesses, the laxity significantly increases the scope of targets available to cybercriminals and highlights the need for improvement in 2024.

“Personal data is still an enormously valuable currency,” Moore told TechRepublic. “Once employees let their guard down (the attacks) can be extremely successful, so it is vital that staff members are aware of (the) tactics being used.”

3. Renewed focus on IoT security

By April 29, 2024, all IoT device providers in the UK will be required to comply with the Telecommunications and Product Safety Act of 2022. That is, at least:

  1. Devices must be password enabled.
  2. Consumers can clearly report safety issues.
  3. The duration of the device's security support is disclosed.

While this is a positive step, many organizations continue to rely heavily on legacy devices that may no longer be supported by their vendor.

Moore told TechRepublic in an email: “Too often, IoT devices have been packaged with weak, if any, built-in security features, so (users) are on the defensive from the start and often they do not realize potential weaknesses. Security updates also tend to be infrequent, which poses greater risks to the owner.”

Organizations that rely on legacy devices include those that run critical national infrastructure in the UK, such as hospitals, utilities and telecommunications. Evidence of Such presented for a UK Government report on the threat of ransomware to national security stated that “it is not uncommon within the CNI sector to find obsolete systems with long operational lives that are not routinely updated, monitored or evaluated.” Other evidence from NCC Group said that “OT (operational technology) systems are much more likely to include components that are 20 to 30 years old and/or use older software that is less secure and no longer supported.” These older systems put essential services at risk of disruption.


According to the computer security company Zscaler, 34 of the 39 most used IoT exploits have been present in devices for at least three years. Additionally, Gartner analysts predicted that 75% of organizations will host legacy or unmanaged systems to perform mission-critical tasks by 2026 because they have not been included in their zero trust strategies.

“IoT owners should understand the risks when installing any Internet-connected device in their business, but forcing IoT devices to be more secure from the design phase is vital and could fix many common attack vectors,” Moore said.
