On November 2nd, according to a report by Check Point Research (CPR), the average number of weekly cyber-attacks worldwide has increased by 3% compared to the same period last year. Network threats such as ransomware and hacker activism have further evolved, with criminal groups improving their attack methods and tools in an attempt to threaten institutions around the world through virus infections and more. Among them, traditional methods like USB have once again become popular avenues for malware propagation.
One of the most significant developments this year is the evolution of ransomware organizations. According to data from over 120 ransomware " public release website," there were a total of 48 ransomware organizations publicly targeting over 2,200 victims in the first half of 2023. Additionally, Check Point's latest Brand Phishing Report for Q3 2023 shows a significant increase in phishing attacks, with the retail industry being the most impersonated sector during the third quarter, featuring companies like Walmart, Microsoft, Wells Fargo, Google, Amazon, Apple, Home Depot, LinkedIn, Mastercard, and Netflix in the top ten.
Ms. Amy Chow, Country Manager Hong Kong and Macau at Check Point, stated that reliance on AI in cybersecurity is undeniable for businesses. As AI continues to develop, cybercriminals adapt their attack strategies accordingly. Therefore, companies must actively keep pace with the evolving nature of network threats and harness the potential of AI in network security defense to effectively combat cyber-attacks and protect their business.
Furthermore, Check Point has made predictions regarding the network security landscape for 2024, focusing on several key areas:
1. Artificial Intelligence (AI) and Machine Learning: It is expected that next year, more cybercriminals will leverage AI to accelerate the development of their attack techniques, such as rapidly creating new variants of malicious software and ransomware, as well as utilizing Deepfake technology for phishing and impersonation attacks. Simultaneously, network defenders are also leveraging AI and machine learning to enhance their network defenses against cyber-attacks.
2. Hackers Leveraging Cloud for AI Resources - GPU Farms: The widespread adoption of generative AI has led to a rapid increase in the cost of using large-scale models. Hackers will likely focus on establishing GPU farms in the cloud to fund their AI activities, making it the latest and hottest target in cloud-based cyber-attacks.
3. Supply Chain and Critical Infrastructure Attacks: Cyber-attacks targeting critical infrastructure will continue to rise. Businesses will adopt a "zero-trust" framework, requiring authentication for anyone connecting to their systems, whether internal or external. Additionally, companies need to rigorously assess the security of their vendor suppliers and implement security protocols to prevent network attacks.
4. Cyber Insurance: AI will change how insurance companies assess clients' network security capabilities and provide opportunities for direct network security services. However, AI alone cannot solve all network security challenges, and businesses must strike a balance between security and convenience.
5. Weaponization of Deepfake Technology: As Deepfake technology continues to evolve, hackers will continue to exploit it for social engineering attacks to steal credentials and sensitive data. This technology is often used as a weapon to manipulate public opinion, stock prices, and even for more malicious purposes.
6. Persistent Phishing Attacks on Enterprises: Phishing attacks, being more convenient than malware intrusions, are expected to increase next year, especially attacks originating from credential theft. AI-enhanced phishing strategies may become more personalized and effective, increasing the difficulty of identifying malicious intent and leading to a rise in phishing attack incidents.
7. Ransomware: "Living off the Land" attacks, which utilize legitimate system tools for malicious purposes, are expected to significantly increase. Enterprises will need to adopt sophisticated network threat defense strategies, including hosted detection and response services, to precisely track devices and identify abnormal network behavior.
Moving forward, the Hong Kong China Network Security Association (HKCNSA) will continue to monitor the latest trends in network security, actively promote awareness of cybersecurity, and advance technological improvements to ensure the stability and continuous development of network security.
Source: IT Pro Magazine