Kaspersky researchers anticipate that advanced Persistent Threats actors will introduce new exploits on mobile, wearables, and smart devices. — Photo courtesy of Kaspersky
Advanced Persistent Threats (APT) actors will introduce new exploits on mobile, wearables, and smart devices and use them to form botnets, refine supply chain attack methods, and utilise AI for more effective spear-phishing.
These advancements are anticipated to intensify politically motivated attacks and cybercrime, according to Kaspersky researchers.
Kaspersky Global Research and Analyses Team (GReAT) experts offered insights and projections for 2024 in the Kaspersky Security Bulletin, with a focus on the evolution of APTs.
Emerging AI tools will streamline spear-phishing message production, even enabling the mimicry of specific individuals. Attackers may devise creative automation methods by gathering online data and feeding it to Large Language Models (LLMs) to craft letters in the style of a person connected to the victim.
“Operation Triangulation” marks a groundbreaking year for mobile exploits, potentially inspiring more research into APTs attacking mobile, wearables and smart devices.
They also stressed that users will likely witness threat actors broadening their surveillance efforts, targeting various consumer devices through vulnerabilities and “silent” exploit delivery methods, including zero-click attacks through messengers, one-click attacks via SMS or messaging apps, and network traffic interception.
Protection of personal and corporate devices has become increasingly vital.
The exploitation of vulnerabilities in commonly used software and appliances is yet another area where people should be vigilant. The discovery of high and critical severity vulnerabilities sometimes receives limited research and delayed fixes, potentially paving the way for new, large-scale, and stealthy botnets capable of targeted attacks.
State-sponsored cyberattacks also have the potential to surge in the year ahead amid increasing geopolitical tensions. These attacks will likely threaten data theft or encryption, IT infrastructure destruction, long-term espionage, and cyber-sabotage, Kaspersky said.
Another notable trend is hacktivism, which has become more common as part of geopolitical conflicts. Geopolitical tensions indicate a likely increase in hacktivist activity, both destructive and aimed at spreading false information, leading to unnecessary investigations and subsequent alert fatigue of SOC analysts and cybersecurity researchers.
They also mentioned other advanced threat predictions for 2024, including supply chain attacks as a service: operators’ bulk-buying access, the emergence of more groups offering hack-for-hire services, kernel rootkits will be hot again, and Managed File Transfer systems will be used for advanced attacks.
“In 2023, the notable surge in the availability of AI tools didn’t elude the attention of advanced malicious actors engaged in extensive and highly sophisticated campaigns. However, we anticipate that upcoming trends go beyond AI implications, including new methods for conducting supply chain attacks, the emergence of hack-for-hire services, novel exploits for consumer devices, and more.
"Our goal is to provide defenders with advanced threat intelligence that stays ahead of the latest threat developments, enhancing their capacity to fend off cyberattacks more effectively,” said Igor Kuznetsov, director, Global Research and Analysis Team at Kaspersky. — VNS