Organisations will require innovative defence strategies to address the transformative role of generative AI in the cyber threat landscape and a likely rise of sophisticated social engineering tactics and identity theft powered tools in the year ahead, according to cyber security specialist Trend Micro.

The widespread availability and improved quality of generative AI, coupled with the use of generative adversarial networks, are expected to disrupt the phishing market in 2024 according to Trend Micro. It warns that this transformation will enable cost-effective creation of hyper-realistic audio and video content that could drive a new wave of business email compromise, virtual kidnapping, and other scams.

Eric Skinner, VP of market strategy at Trend, said: “Advanced large language models, proficient in any language, pose a significant threat as they eliminate the traditional indicators of phishing such as odd formatting or grammatical errors, making them exceedingly difficult to detect. Businesses must transition beyond conventional phishing training and prioritize the adoption of modern security controls. These advanced defences not only exceed human capabilities in detection but also ensure resilience against these tactics.”

AI models themselves may also come under attack in 2024. Trend Micro says that while GenAI and LLM datasets are difficult for threat actors to influence, specialised cloud-based machine learning models are a far more attractive target. The more focused datasets they are trained on will be singled out for data poisoning attacks with various outcomes in mind, from exfiltrating sensitive data to disrupting fraud filters and even connected vehicles.

These trends may, in turn, lead to increased regulatory scrutiny and a push from the cybersecurity sector to take matters into its own hands. Greg Young, VP of cybersecurity at Trend Micro, said: “In the coming year, the cyber industry will begin to outpace the government when it comes to developing cybersecurity-specific AI policy or regulations. The industry is moving quickly to self-regulate on an opt-in basis.”

Trend's 2024 predictions report also warns of a potential surge in cloud-native worm attacks, targeting vulnerabilities and misconfigurations and using a high degree of automation to impact multiple containers, accounts and services with minimal effort.

It also anticipates that an increasing number of supply chain attacks will target not only upstream open-source software components but also inventory identity management tools, such as telco SIMs, which are crucial for fleet and inventory systems. It warns that cybercriminals will also likely exploit vendors' software supply chains through CI/CD systems, with a specific focus on third-party components.

---