There has never been a more important time to stay up-to-date on cybersecurity information than in 2024. For the first time, financial services provider Allianz has named cyber-attacks as the biggest risk to UK businesses this year and the top concern for businesses of all sizes. However, many experts remain unsure what the events of the first quarter will tell us about the cyber landscape for the rest of the year, which could have significant consequences.
TechRepublic consulted UK industry experts to identify the three most important trends in cyber security – AI, zero-day and IoT security – and provide guidance on how businesses can best maintain their advantage.
1. Advanced cyber attacks using AI
In January 2024, the UK's National Cyber Security Center warned that the availability of AI technology is expected to increase the global ransomware threat, increasing both the volume and impact of attacks. The risks to UK businesses are particularly pronounced, with a recent Microsoft report finding that 87% are 'vulnerable' or 'at high risk' to cyber-attacks. Viscount Camrose, Minister for AI and Intellectual Property, particularly highlighted the need for organizations in the UK to “strengthen their cyber security plans” as the country is the third most targeted country in the world after the US for cyber-attacks. And Ukraine.
James Babbage, Director of Threats at the National Crime Agency, said in the NCSC post: Attack method. ”
Criminals can use this technology to perform more convincing social engineering attacks and gain initial network access. According to Google Cloud's Global Cybersecurity Prediction Report, large-scale language models and generative AI are “increasingly offered as paid services in underground forums and used for a variety of purposes, including phishing campaigns and spreading disinformation. “It will be done.”
See: Top AI predictions for 2024 (TechRepublic Premium free download)
Jake Moore, a global cybersecurity advisor at internet security and antivirus company ESET, is researching real-time cloning software that uses AI to swap the face of a video call caller with another person's face. He told TechRepublic in his email: “This technology, along with superior AI voice cloning software, is already beginning to call into question the reliability of video calls and could have devastating effects on businesses of all sizes.”
OpenAI announced on March 29, 2024 that it would take a “cautious and informed approach” in making its voice cloning tool publicly available “due to the potential for malicious use of synthesized speech.” The model, called Voice Engine, can convincingly replicate a user's voice with just 15 seconds of recorded audio.
“Malicious hackers tend to use a variety of techniques to manipulate their victims, but great new technology with no boundaries or regulations allows cybercriminals to influence people for financial gain. It’s now easier to give and add yet another tool to your ever-growing toolkit,” Moore said.
“Staff need to be reminded that we are moving into an era where seeing is believing and verification remains the key to security. Policies should never shy away from prioritizing verbal instructions. All staff need to be aware that (real-time cloning software) is going to explode over the next 12 months.”
2. More successful zero-day exploits
Government statistics reveal that 32% of UK businesses suffered a known data breach or cyber-attack in 2023. Rajsamani, senior vice president and chief scientist at integrated cybersecurity platform Rapid7, believes corporate attacks will continue to be particularly frequent in the UK throughout this year. But he added that threat actors are also becoming more sophisticated.
He told TechRepublic in an email: “One of the most emerging trends of 2023, and expected to continue into 2024, is the sheer number of zero-days being exploited by threat groups that were not normally expected to have such capabilities. is.
“What this means for the UK cybersecurity sector is the need for faster triage of security update prioritization. Organizations of all sizes can improve their ability to identify critical recommendations impacting their environment. It is essential to implement an approach that incorporates context into these decisions.
“For example, if a vulnerability is being exploited in the wild and there are no compensating controls in place, and if it is being exploited by, for example, a ransomware group, then speed of patching may need to be prioritized. .”
See: Top cybersecurity predictions for 2024 (TechRepublic Premium free download)
The UK government's 2023 Cybersecurity Breach Survey found a decline in key cyber hygiene measures, including password policies, network firewalls, restrictions on administrator privileges, and policies requiring software security updates to be applied within 14 days. While the data primarily reflects changes in small, medium and micro businesses, this laxity has significantly expanded the range of targets available to cybercriminals, highlighting the need for improvement in 2024. It has become.
“Personal data continues to be a very valuable currency,” Moore told TechRepublic. “It's important that employees are aware of the tactics being used because once employees let their guard down,[attacks]can be very successful.”
3. Renewed focus on IoT security
By 29 April 2024, all IoT device suppliers in the UK must comply with the Product Security and Telecommunications Act 2022. This means at least the following:
- Device must be password enabled.
- Consumers can clearly report security issues.
- The duration of security support for devices is public.
While this is a positive step, many organizations continue to rely heavily on legacy devices that may no longer receive support from their suppliers.
Moore told TechRepublic in an email: “IoT devices too often have weak, if any, built-in security features, putting[users]at a disadvantage from the start and often unaware of potential weaknesses. Yes. Security updates also tend to be infrequent, creating additional risk for owners.”
Organizations that rely on legacy devices include those serving the UK's critical national infrastructure, such as hospitals, utilities, and telecommunications. Evidence submitted by Thales to the UK government's report on the ransomware threat to national security states that “within the CNI sector there are aging systems that have long operational lives and are not regularly updated, monitored and assessed. It is not uncommon to find them.” Other evidence from NCC Group shows that “OT (operational technology) systems may contain components that are 20 to 30 years old or use outdated software that is no longer secure or supported. These outdated systems are putting critical services at risk of disruption.
See also: Key IIoT security risks
According to IT security firm ZScaler, 34 of the 39 most popular IoT exploits have been present on devices for at least three years. Furthermore, Gartner analysts predict that by 2026, 75% of organizations will have unmanaged or legacy systems that perform mission-critical tasks because they have not incorporated a zero trust strategy. I predict that it will.
“While IoT owners need to understand the risks of introducing internet-connected devices into their business, it is essential to make IoT devices secure from the design stage and are aware of many common attacks. We may be able to modify the vector,” Moore said.
