2023 has been a ground-breaking year for cybersecurity advancements and attacks, with new developments making headlines globally.
Experts from threat intelligence, product management, and customer services at Egress share their predictions for what’s to come in 2024 in this dynamic landscape.
Jack Chapman, VP of Threat Intelligence:
Faster, harder and more targeted
“Moving from 2023 to 2024, a key trend is automation behind cyberattacks and, more importantly, how attackers can combine and automate across multiple steps of the traditional kill chain. Unfortunately, this will continue to expand. I expect it will go as far as automatically creating or selecting templated phishing attacks tailored to a user’s OSINT information, sending the attack, requesting and validating the MFA and validating the compromise to perform follow-up attacks.
“The reduction in attacker participation allows for more sophisticated targeted attacks, without the threat actor spending time, money or effort. Ultimately it will raise the average bar for successful attacks.”
Security of AI coming to the forefront
“We often talk about attackers weaponizing the use of AI, which is certainly coming! Whether it be utilizing LLM’s or automating the generation of A/B testing specific features within phishing emails and broader cyber-attacks. However, an area which is overlooked often, is targeting the AI systems which are in place to protect organizations themselves.
“Although these systems are an asset to improve the technology controls protecting organizations, attackers have realized the opportunity here. Why combat the technology if you can teach it that all of your attacks are “safe”?!
“This is an evolution from obfuscation-based attacks which target the technology directly; now attackers can target the technology and the machine learning behind it.”
New barrage of supply chain threats
“Over the past few years, we have seen the evolution of attackers utilizing compromised business accounts to target new and unexpecting victims, effectively bypassing authentication and trust-based protection systems.
“In 2024, I predict that this will follow on to the next effective method at a new scale and challenge, using the compromised accounts of those who are already known to an organization and its users. At Egress, we have already seen a sharp rise in the latter half of 2023, but it’s expected to grow drastically in 2024.
“For a threat actor, this has so many appealing features: a ready-made list of potential targets, far higher success rates than your run-of-the-mill compromised attack, and an easier path into more secure but appealing organizations which may be too tough to target directly. This is going to be a big trend for 2024.”
James Dyer, Threat Intelligence Lead:
Multi-channel attacks on the rise
“Cyberattacks are becoming increasingly sophisticated. They are also utilizing multiple channels to attempt to add legitimacy. Victims may receive a QR code in an email and then a follow-up SMS text, replicating multi-channel methods seen commonly in marketing and even multi-factor authentication.
“In 2024, I can only see this trend growing. And with messaging apps like WhatsApp and Signal having fewer security systems than email, I predict more channels will be targeted.”
AI becomes a threat actor’s best friend
“We’re seeing more and more advanced phishing attacks, with increasingly detailed and accurate information that is harvested with the help of AI. Cybercriminals will be using open-source intelligence (OSINT) to create plausible backstories by scraping social media profiles in less than a second. In addition, they may ask ChatGPT to write the most persuasive messages and even utilize AI software to help create payloads and speed up delivery.
“As AI is added to a threat actor’s arsenal, I hope 2024 brings more governance around these tools and the ethical use of AI software.”
AI systems targeted creatively
“As AI advances, threat actors are becoming creative with their attacks to make it tough for Natual Language Processing (NLP) and linguistic checks to locate malicious wording within emails. I predict that we’ll see more invisible characters, lookalike characters and use of images to avoid scannable words, which NLP would traditionally pick up.
“Along a similar vein, we’ll probably see a spike in password-restricted payloads where the payload is hidden initially as well as more attacks coming through encrypted emails which security solutions cannot scan.”
Steve Malone, VP of Product Management:
Two pints please. That will be £25,000
“QR codes took off as the pandemic swept the globe, but I predict that QR codes will disappear from pub and restaurant tables as more people scan and get scammed.
“As with any convenience tool, attackers have already started to use QR codes in phishing campaigns to evade traditional defenses. But walk into any bar and you’ll find a QR code on the table – what better way to harvest credit card details than through using a fake QR code!”
Rise of the machines
“AI, one of the venerable buzzword acronyms beloved by technology vendors, has finally come into the spotlight. More and more technology products offer a “co-pilot” AI assistant. I expect that poisoning or take-over of AI tools will lead to breach, compromise and manipulation of users.
“In fact, AI has already wormed its way into CISOs brains. Our 2023 Email Risk Report showed 72% of cybersecurity leaders are worried about the use of chatbots to improve phishing attacks. For 2024, it’s bound to be a prominent force.”
Email is dead! Long live email!
“Collaboration tools such as Teams and Slack are now gaining ground in corporate communications, driven mainly by the ability to communicate externally.
“However, as more corporate communication moves to these platforms, organizations will see more issues relating to communication style and tone. For the most part, email is used with a business tone, and most users now understand that they’re “doing business” when they send business emails.
“Cut to a Teams or Slack chat, though, and style becomes colloquial, immediate, abbreviated and in many cases, not business appropriate.
“Email will remain the medium of choice for business communication in industries where regulation and control are key. I predict that collaboration will over-run the rest of the world, and the floodgates of socially engineered attacks will migrate from email to collaboration.”
Sudeep Venkatesh, Chief Customer Officer:
More interoperability and fewer silos
“The cybersecurity space has thousands of software vendors that solve specific problems with point solutions. Our customers are faced with the problem of owning dozens of solutions that do not talk to each other, and this leads to management overheads and loss of productivity.
“My first prediction for 2024 is that customers will demand greater interoperability between their cybersecurity vendors, which will help them enhance their security postures and reduce costs.”
Faster and more efficient time to value
“A customer’s buyer’s remorse is strongest when they have just signed a software contract and move into the implementation phase. This opens up a phenomenal opportunity for software vendors to offer a smooth deployment and get the customer realizing value in their investment ASAP.
“The trust built in the implementation phase is often rewarded with strong advocates and long-term loyalty. On the contrary, the seeds of almost all churn are sown during deployment!”
Obsessing with showing value
“The clock in Software As a Service (SaaS) is always ticking!
“Customers make significant investments in cybersecurity software to protect against ever-evolving threats. Along with providing customers with the best protection possible, vendors need to obsess about showing value to customers. Every interaction with a customer, including high-touch QBRs, digital communications and analytics portals, needs to focus on how you are better improving their security posture. Otherwise, customers battling cyber threats on multiple fronts will quickly move onto other priorities.”
As advanced persistent threats continue to evolve, we recognize that people are the biggest risk to organizations’ security and are most vulnerable when using email.
Egress is the only cloud email security platform to continuously assess human risk and dynamically adapt policy controls, preparing customers to defend against advanced phishing attacks and outbound data breaches before they happen. Leveraging contextual machine learning and neural networks, with seamless integration using cloud-native API architecture, Egress provides enhanced email protection, deep visibility into human risk, and instant time to value.
Trusted by the world’s biggest brands, Egress is private equity backed with offices in London, Sheffield, Cheltenham, New York, Boston, and Toronto.