Last year was a ground-breaking year for cybersecurity advancements and attacks, with new developments making headlines globally. As threats become more complex and innovative, cybersecurity experts need to stay abreast with themes and patterns within the latest attacks.
As we look forward through 2024, we asked experts from our threat intelligence, product management, and customer service teams at Egress to share their predictions for what’s to come in 2024 in this dynamic landscape.
Jack Chapman, VP of Threat Intelligence
Faster, harder and more targeted
“Moving from 2023 to 2024, a key trend is automation behind cyberattacks and more importantly how attackers can combine and automate across multiple steps of the traditional kill chain. This unfortunately will continue to expand; I expect it will go as far as automatically creating or selecting templated phishing attacks tailored to a user's OSINT information, sending the attack, requesting and validating the MFA and validating the compromise to perform follow-up attacks.
The reduction in attacker participation allows for more sophisticated targeted attacks, without the threat actor spending time, money or effort, and ultimately raising the average bar of successful attacks.”
Security of AI coming to the forefront
“We often talk about attackers weaponizing the use of AI, which is certainly coming! Whether it be utilizing LLM’s or automating the generation of A/B testing specific features within phishing emails and broader cyber-attacks. However, an area which is overlooked often, is targeting the AI systems which are in place to protect organizations themselves.
Although these systems are an asset to improve the technology controls protecting organizations, attackers have realized the opportunity here. Why combat the technology if you can teach it that all of your attacks are “safe”?!
This is an evolution from obfuscation-based attacks which target the technology directly; now attackers can target the technology and the machine learning behind it.”
New barrage of supply chain threats
"In 2024 I predict that this will follow on to the next effective method at a new scale and challenge, using the compromised accounts of those who are already known to an organization and its users. At Egress, we have already seen a sharp rise in the latter half of 2023, but it’s expected to grow drastically in 2024.
For a threat actor, this has so many appealing features: a ready-made list of potential targets, far higher success rates than your run-of-the-mill compromised attack, and an easier path into more secure but appealing organizations which may be too tough to target directly. This is going to be a big trend for 2024.”
Over the past few years, we have seen the evolution of attackers utilizing compromised business accounts to target new and unsuspecting victims, effectively bypassing authentication and trust-based protection systems."
Jack Chapman, VP of Threat Intelligence
James Dyer, Threat Intelligence Lead
Multi-channel attacks on the rise
“Cyberattacks are becoming increasingly sophisticated, but they’re also utilizing multiple channels to attempt to add legitimacy. Victims may receive a QR code in an email, and then a follow-up SMS text, replicating multi-channel methods seen commonly in marketing, and even multi-factor authentication.
In 2024, I can only see this trend growing. And with messaging apps like WhatsApp and Signal having less security systems than email, I predict more channels will be targeted.”
AI becomes a threat actor’s best friend
“We’re seeing more and more advanced phishing attacks, with increasingly detailed and accurate information that is harvested with the help of AI. Cybercriminals will be using open-source intelligence (OSINT) to create plausible backstories by scraping social media profiles in less than a second, or asking ChatGPT to write the most persuasive messages, and even utilize AI software to help create payloads and speed up delivery.
As AI is added to a threat actor’s arsenal, I hope 2024 brings more governance around these tools and the ethical use of AI software.”
AI systems targeted creatively
“As AI advances, threat actors are becoming creative with their attacks to make it tough for Natual Language Processing (NLP) and linguistic checks to locate malicious wording within emails. I predict that we’ll see more invisible characters, lookalike characters and use of images to avoid scannable words which NLP would traditionally pick up.”
Along a similar vein, we’ll probably see a spike in password-restricted payloads where the payload is hidden initially as well as more attacks coming through encrypted emails which security solutions cannot scan."
James Dyer, Threat Intelligence Lead
Steve Malone, VP of Product Management
Two pints please. That will be £25,000.
“QR codes took off as the pandemic swept the globe, but I predict that QR codes will disappear from pub and restaurant tables as more people scan and get scammed. As with any convenience tool, attackers have already started to use QR codes in phishing campaigns to evade traditional defenses. But walk into any bar and you’ll find a QR code on the table - what better way to harvest credit card details than through using a fake QR code!”
Rise of the machines
“AI, one of the venerable buzzword acronyms beloved by technology vendors, has finally come into the spotlight. With more and more technology products offering a “co-pilot” AI assistant, I expect that poisoning or take-over of AI tools will lead to breach, compromise and manipulation of users.
In fact, AI has already wormed its way into CISOs brains; our 2023 Email Risk Report showed 72% of cybersecurity leaders are worried about the use of chatbots to improve phishing attacks. For 2024, it’s bound to be a prominent force.”
Email is dead! Long live email!
“Collaboration tools such as Teams and Slack are now gaining ground in corporate communications, driven mainly by the ability to communicate externally. However, as more corporate communication moves to these platforms, organizations will see more issues relating to communication style and tone.
For the most part, email is used with a business tone, and most users now understand that they’re “doing business” when they send business email. Cut to a Teams or Slack chat though and style becomes colloquial, immediate, abbreviated and in many cases, not business appropriate."
Email will remain the medium of choice for business communication in industries where regulation and control is key. I predict that collaboration will over-run the rest of the world and the floodgates of socially-engineered attacks will migrate from email to collaboration.”
Steve Malone, VP of Product Management
Sudeep Venkatesh, Chief Customer Officer
More interoperability and fewer silos
“The cybersecurity space has thousands of software vendors that solve specific problems with point solutions. Our customers are faced with the problem of owning dozens of solutions that do not talk to each other and this leads to management overheads and loss of productivity."
Faster and more efficient time to value
“A customer's buyer's remorse is strongest when they have just signed a software contract and move into the implementation phase. This opens up a phenomenal opportunity for software vendors to offer a smooth deployment and get the customer realizing value in their investment ASAP. The trust built in the implementation phase is often rewarded with strong advocates and long-term loyalty. On the contrary, the seeds of almost all churn are sown during deployment!”
Obsessing with showing value
“The clock in Software As a Service (SaaS) is always ticking! Customers make significant investments in cybersecurity software to protect against ever evolving threats. Along with providing customers with the best protection possible, vendors need to obsess about showing value to customers. Every interaction with a customer including high touch QBRs, digital communications and analytics portals needs to focus on how you are better improving their security posture. Otherwise, customers battling cyber threats on multiple fronts will quickly move onto other priorities."
My first prediction for 2024 is that customers will demand greater interoperability between their cybersecurity vendors which will help them enhance their security postures and reduce costs.”
Sudeep Venkatesh, Chief Customer Officer
With the intelligent cybersecurity protections that Egress offers, security professionals can rest assured that their organizations and the users within them are protected from a myriad of inbound and outbound threats. To learn more about Egress Intelligent Email Security, book a demo today.