Artificial intelligence could only be the focal point among the trends in cyber security threats in 2024, as illustrated by the Sales Director of the Mediterranean Region of SentinelOne. Although it is a clear trend, talking about an increase in malware and ransomware attacks, which are increasingly dangerous and refined, is a repetition of what we have been telling ourselves for a few years. An aspect that in the IT security field is taking on much more importance than in the past is the risk represented by the indiscriminate adoption of Artificial Intelligence”.
The Dangers Of Generative AI
Generative AI and Large Language Models are increasingly widespread due to their undisputed potential benefits. Often, these are open-source technologies where development and training are done in-house, usually neglecting the security aspect. This represents a great attraction for attackers – specified the manager – who, once they have entered the system, can instruct the AI for their purposes.
For example, Customer Service could create responses that indicate links to malicious sites to solve the most common problems.” In reality, the very creative nature of generative models makes them vulnerable to novel attacks and, therefore, dramatically simplifies their compromise. Attackers target these models, feeding them with data that creates exploitable holes in their training phases. And AI allows it to operate at machine speed and globally.
The Nail Drives Out The Nail
This type of attack can only be countered by using Artificial Intelligence – highlighted Cecchi -. In practice, you must have Artificial Intelligence that controls what is generated by AI to protect the operating environments within the organization, both in the Cloud and on-premise.”
We welcome rules that regulate the use of AI and allow companies to change their approach to system development and security to limit potential avenues of attack. However, their adoption may represent an additional risk, at least in the short term.
Cecchi underlines how time and investments are necessary for a company to adapt to regulations. Cybercriminals can act quickly and immediately exploit AI to launch sophisticated attacks because there are no laws. However, it is undisputed that new attacks can only be countered with automation, identifying and resolving vulnerabilities in codes and configurations and making Detect and Response operations increasingly effective.
State-Sponsored Attacks Are Back
Another 2024 cyber security trend highlighted by the manager is the resurgence of state-sponsored attacks. «In reality, it is a threat that has always existed and was alive 5-6 years ago, but then had a decline in interest, leaving the scene to more profit-oriented forms of attack such as ransomware.
However, ongoing global conflicts have brought state-sponsored attacks back into vogue. And the attention will certainly remain high during this year, too.” In addition to wars, a contribution to state-sponsored attacks will also come from elections in the United States, Russia, and the EU.
Cyber Security 2024 On The Board’s Agenda
To try to stem a phenomenon that risks seriously compromising the solidity of the business, it is necessary to invest. Technology budgets remain stable, but resource budgets are decreasing – she commented –mainly due to the skill shortage, which she has talked about for some time but is now clearly being felt. And this means that it is more expensive for companies to manage projects, which are therefore slowed down a bit.”
Also contributing to accentuating the slowdown is that today, an in-depth financial analysis is required for every project within any organization. However, there is also the flip side: This allows organizations to grow their knowledge of the cyber field and IT security problems – concluded Cecchi –. They are thus finally brought to the board’s attention because they are not limited to the IT function but have a direct impact on the entire business of the organization and the services provided”.