We have seen several shocks to the cyber threat landscape in the years since 2020 – from tragic conflicts in Ukraine and Gaza and disruptive technologies like AI breaking into the mainstream. We certainly have a greater awareness of the importance of a secure supply chain and open access to the internet.
It is difficult to be optimistic about what 2024 will now bring among deepening tensions and a widening cyber skills gap. With that said, here are my predictions for how we should respond to the cyber threat landscape in 2024.
Threat intelligence sharing alliances will broaden and deepen
2023 put the spotlight on the benefits of sharing threat intelligence with allied nations. The US sharing data with allies at the International Counter Ransomware Initiative was just one example of nation states working together to fortify defences against threat actors. At Nominet, I’ve seen firsthand how collaboration at this scale can collectively boost cyber resilience for all. Our hope for 2024 is that these alliances are deepened and expanded across a greater number of countries and cyber agencies.
Collaboration between public and private sector organisations is another way of amplifying the impact of these alliances. Emergent threats are caught more quickly when data from across sectors, public and private, can be analysed. Once a technique has been proven in one sector it will often be used in others. Nominet has been using new detection techniques in 2023 to better protect its public sector customers and counteract the evolving techniques of cyber criminals.
This is, however, one of the most significant election years in history. The UK, USA, and European parliament elections are already grabbing headlines, and there are others such as Taiwan, South Africa, India, and Pakistan that could impact security and trade ties in volatile regions.
Those of us working in the cyber security space need to make threat intelligence sharing easier and show the effectiveness of it to ensure it continues.
AI will challenge us and help us fight back (responsibly)
The volume of phishing attacks soared in 2023, reported to have risen by 173% between Q2 and Q3. With AI being integrated into threats like commoditised phishing kits, cybercriminals have the power of large language models trained to create convincing messages that are raising the game for hackers like we’ve never seen before. Every malicious technique already being used by cybercriminals is now being enhanced by AI.
And we also see the potential for good with AI, including fighting cyber crime. AI can play a crucial role in addressing the cyber skills gap. This can range from training newcomers to cyber security using more realistic simulations created by AI, to reducing manual tasks in threat detection and response, and even helping to create a more cyber-aware workforce through in-app guidance. At Nominet we are leveraging AI to help us scale our own threat intelligence programme.
But we all need to do this responsibly and be aware that these systems can also be compromised through new types of vulnerabilities including Adversarial Machine Learning. The National Cyber Security Centre’s (NCSC’s) recently published guidelines for secure AI system development is a good example of collaboration across these challenges. It was developed with the US’s Cybersecurity and Infrastructure Security Agency (CISA) and signed by 17 other countries. The guidelines aim to help developers ensure cybersecurity measures are built into their AI systems, for a ‘secure by design’ approach to AI.
Ransomware and crypto crime will continue to rise, despite bans
In the UK and many other countries in Europe, organisations have already been discouraged from paying ransoms. But at the end of 2023 the US led an alliance of 40 countries who vowed to stop ransom payments to cyber criminals. By eliminating the cash flow to hackers it’s hoped this may at the very least stymie the growing rise in criminal groups profiting from ransomware attacks.
However, there will be challenges to create and enforce an outright ban on ransomware payments. Organisations could circumvent the rules by making payments outside jurisdictions where payments have been illegalised. Consultants specialising in cryptocurrency laundering and use of decentralised crypto exchanges will still offer their services. There has been an increase in nefarious crypto activity in 2023. It is essential to both disrupt the financial infrastructure that facilitates criminal gangs and discourage payments to stop ransomware.
I do believe we will see more coordinated action across international law enforcement agencies to fight against the tide. The intersection of ransomware, darknet activity, and sanctioned governments make this even more critical in a potentially geopolitically turbulent 2024.
Kim Wiles is senior product manager at Nominet.