More impactful breaches across network infrastructure predicted


Vectra AI has released its 2024 Security Predictions for Asia Pacific and Japan. The predictions highlight the impact of another turbulent year of disruption from increasingly complex ransomware, emerging AI-driven threats, an ever-expanding attack surface, and over-burdened security teams.   

Chris Fisher, Vectra AI’s Director of Security Engineering APJ, states that everyone should be on high alert for 2024, as attackers capitalise on network infrastructure and other vulnerabilities, with breaches having notable and lasting implications.

Fisher comments, “While this year’s headlines appeared to be less sensational than the previous year’s, breaches have been far more impactful with attackers having moved away from traditional endpoint-style attacks to infiltrate network infrastructure.

“For example, the MOVEit breach is potentially one of the largest data breaches from a single instance of a vulnerability that we’ve seen to date, which affected a lot of ANZ/APJ organisations. We see this breach as laying the path for more critical zero-day mayhem in 2024.”

On the cybersecurity landscape, Fisher continues, “While organisations have become better at putting traditional security systems in place, attackers are also getting more sophisticated by pivoting towards network infrastructure to gain entry.

“As we move into 2024, threat actors will see networks as a soft target, and this indicates that they will continue to exploit this as organisations struggle to stop lateral movement. Once attackers gain a foothold, they can move in a way that they can’t be detected and can do very significant damage.”

Fisher also believes that AI will have a transformative impact on both attack and defence, with its footprint felt across most of the trends uncovered. “GenAI is like a search engine on steroids. From a defender’s standpoint this can be hugely beneficial in aiding rapid and successful response.

“As more organisations embrace new GenAI initiatives, they will need to balance that speed of innovation with governance and greater accountability. We must also continue to look at what we really mean by ‘AI’ and look into how applied and adaptive AI can advance our security practices, helping us to find the right signals in a vast array of data.”

Prediction 1: Security endpoint breaches will decline as downstream defences rise.

Traditional security is akin to building a higher and higher wall to keep out intruders, but once the intruder is inside it’s very difficult to catch them. In 2024 expect a rise of breaches where attackers have exploited an existing vulnerability and are able to move laterally through a network.

Security incidents will move away from compromised endpoints, ushering in a new era of threats primarily targeting federated identity systems, public clouds, and business-email-compromise (BEC). This new breed of attacks will exploit the vulnerabilities and relative immaturity of security practices related to cloud, identity and SaaS applications.

Prediction 2: AI causes rise in next-level phishing and social engineering attacks.

AI-powered attacks in the form of more convincing phishing attempts, automated malware creation, evasion of security measures and personalised social engineering attacks will make it harder for traditional security tools to detect and prevent hackers.

More specifically, GenAI tools, such as ChatGPT, are enabling attackers to make smarter, more personalised phishing attacks, in numerous languages, on a mass scale, with deepfakes also increasingly prevalent. The response to this will largely revolve around organisation-wide awareness and education, with AI-supported security, XDR and zero trust playing an important role too.

Prediction 3: GenAI to support SOC teams and address cybersecurity talent shortage.

While AI is expected to add security complexities, on the flipside it has huge potential to support security teams. For example, GenAI can provide a toolset and rapid insights into security challenges and appropriate responses, by compiling a vast amount of information and assimilating it into proposed solutions or approaches.

This is especially pertinent as the cybersecurity talent shortage grows, and experts are hard to come by. Greater support via AI systems is also expected to help attract more talent to the industry. It’s also important to note the difference between GenAI and applied or adaptive AI. While the former may have useful applications, the latter is what drives true transformational change from a security standpoint.

Prediction 4: Organisations understand the difference between XDR and zero trust.

In recent years, zero trust has emerged as a dominant focus in the security landscape. However, zero trust isn’t a countermeasure; it’s an aspirational strategic approach, because with third-party systems and processes it is inevitable that an organisation will trust an outside entity.

In 2024, there will be a rise in organisations understanding the difference between zero trust and the necessity of implementing robust security measures designed for this modern world, which is where extended detection and response (XDR) comes in. XDR underpins other strategies and innovation initiatives, including zero trust, to stop hackers in their tracks.

Prediction 5: CISOs are welcomed into the boardroom out of sheer necessity.

In 2024, cybersecurity is a strategic priority that can no longer be siloed in the IT department. Gartner has predicted that by 2026, 70% of boards will include at least one member with expertise in security. An expert in cybersecurity is able to understand the reality of threats and what is required to mitigate them, helping to educate other leaders of the organisation on where investment and resources should be focused.

In turn, this will help organisations to move beyond reactive defence and act on new business opportunities that come with being prepared.