2023 Saw a Number of High-Profile Breaches

We hope that you had a successful 2023. Looking back, 2023 saw a number of high-profile breaches as criminals and nation-state-supported hackers both created new methods of attacking and took advantage of existing vulnerabilities.

Looking to 2024, here are a few things that we think are worth keeping an eye on moving forward.

Phishing NOW WITH AI
Phishing continues to be a persistent and lucrative attack vector for criminals and state- sanctioned hackers. The rise in generative AI makes it easier and cheaper to iterate messages and tactics in this field. A number of generative AI products have popped up on the dark web and in criminal forums. All indications are that these tools are being used and will make phishing more of a problem going forward. As always, phishing training and protocols are the simplest way to ensure that your organization isn’t affected.

State-supported hacking continues.
Russia and Iran have stepped up attacks related to the conflicts in Ukraine and Israel. This dramatically increases the chances that some particularly nasty malware breaks contain and spreads to the wider world. Additionally, hacking by North Korea and Iran continue to be revenue sources for those regimes, as such there’s no expectation that problems created by state-supported hackers will decline in 2024.

AI voice clones will make authentication harder.
This is looking around the corner a little bit, but as AI-enabled voice clones get better it may pose challenges for authentication. We’re quite used to trusting a person’s voice, and as these tools improve, criminals and scammers will be the first ones to put it to use. What may start as people trying to scam grandmothers will inevitably move up the food chain to targeting larger organizations.

As always, if you have questions about IT security and the evolving threat landscape, call ITPAC.