Fortra Cybersecurity Predictions 2024
December 2023 by Fortra
With the end of 2023 coming to a close, Fortra, on how the state of cybercrime can be impacted by the 2024 presidential election, how teams can start protecting against cyber threat now and how we can expect to see a rise in phishing attacks.
Over the past year, Ryan Maltzen, Pablo A. Zurro and Antonio Sanchez, have been commenting on the turbulations and changes that have affected the cyber industry throughout the year.
Ryan Maltzen, Cyber Architect
2024 is a presidential election year in the US. 2016 and 2020 both saw impressive increases in attempts to influence voters through crafty propaganda and social media campaigns run by bots and expert social engineers, along with attempts to influence the vote itself through abuse of related technologies. In past elections, this was more largely a manual process than we should expect with the rise of generative AI and other tools that seem well positioned to have impacts in this space. Whomever can best develop technologies to bring some level of truth, identification, or attribution to these less scrupulous uses of tech will be a disruptor, and will be doing the world a favour by helping get one step ahead of this in some fashion.
Pablo A. Zurro, Offensive Security Product Manager
Practice is key! With the growth of cyberattacks and their complexity, it is vital that organizations are ready to defend themselves and to repel attacks in the most effective way. Defenders have no schedule, they can be called to action at any moment, and should be at a constant peak of preparedness. Red Team exercises allow security teams to practice real world scenarios; where they experience the pressure of an attack and learn how best to respond. Alongside pen testing prevention controls and unit testing detection controls, testing response processes through red teaming allows organizations to meet the three pillars of security: prevention, detection and response. This proactive approach has the potential to save organizations a significant amount of money!
Antonio Sanchez, Principal Cybersecurity Evangelist
We can expect to see an increase in phishing campaigns targeting foreign countries. Language barriers have kept the phishing volume low for many countries since poor grammar and punctuation are common ways to identify a malicious email. Generative AI technologies such as ChatGPT have removed this barrier and enabled attackers to create malicious emails with perfect grammar and punctuation in just about any language. For example, Japan has historically had very low volume of phishing attacks as that language is difficult to learn and translate for most of the world. ChatGPT has removed that barrier and the result has been a sharp increase in phishing attacks targeting Japan. Also, attackers are aggressively purchasing country specific domains to use in their attacks. This combination will allow attackers to execute more targeted phishing campaigns in foreign countries and with higher frequency.