As a new year begins, we are looking ahead to the big cybersecurity trends that will impact businesses over the next 12 months. And the topic on everyone’s minds now is AI. To understand more about how AI will impact the world of cybersecurity in the year ahead, we spoke to our HP experts to get the lowdown.
AI to supercharge social engineering – putting users and endpoints on the frontline
According to HP’s Senior Malware Analyst, Alex Holland, AI will supercharge social engineering attacks on an unseen scale, spiking on red letter days: “In 2024, cybercriminals will use AI to supercharge social engineering attacks on an unseen scale: generating impossible-to-detect phishing lures in seconds. These lures will appear highly plausible and look indistinguishable from the real thing, making them harder than ever for employees to spot – even those that have had phishing training.
He adds: “We are likely to see mass AI-generated campaigns spike around key dates. For instance, 2024 stands to see the most people in history vote in elections – using AI, cybercriminals will be able to craft localized lures targeting specific regions with ease. Similarly, major annual events, such as end of year tax reporting, sporting events like the Paris Olympics and UEFA Euro 2024 tournament, and retail events like Black Friday and Singles Day, will also give cybercriminals hooks to trick users.”
Dr. Ian Pratt, Global Head of Security for Personal Systems at HP Inc. echoes Holland’s prediction: “Attackers will also be able to automate the drafting of emails in minority languages and scrape information from public sites to pull information on targets and create highly personalized social engineering attacks en masse. Once threat actors have access to an email account, they can automatically scan threads for important contacts and conversations, and even attachments, sending back updated versions of documents with malware implanted.”
AI will remove technical barriers, enabling more advanced attacks
AI will not only enable more targeted lures, it will help threat actors develop new malware and techniques. Pratt comments: “Continued use of ML-driven fuzzing, where threat actors can probe systems to discover new vulnerabilities. We may also see ML-driven exploit creation emerge, which could reduce the cost of creating zero-day exploits, leading their greater use in the wild.”
Such attacks will not only impact above the operating system, but at lower levels too, as Boris Balacheff, Chief Technologist for System Security Research and Innovation, HP Inc. warns: “The democratization of AI capabilities will contribute to the continued rise of more advanced attacks, including against firmware. In 2024, malicious actors will be looking to maximize their use of AI to extend and scale attack capabilities. This will accelerate attacks in OS and application software, but also across more complex layers of the technology stack like firmware and even hardware – where attack efforts have been on the rise in recent years.
He continues: “And because the industry will improve defensive capabilities with the use of more advanced AI, we will see an increase in motivation amongst bad actors to attack firmware, below the operating system software stack. This will lead to more efforts to exploit systems at the lower level, to get a foothold below a device operating system and the industry’s best software security defenses."
Michael Heywood, Business Information Security Officer, HP Inc. adds that this focus on the supply chain could mean attackers will seek ways into the ground floor, infecting devices before they are even onboarded: “In 2024, we’ll see the attention on software and hardware supply chain security grow, as attackers seek to infect devices as early as possible – before they have even reached an employee or organization. We expect attackers to leverage AI to seek to lower the cost of identifying vulnerabilities and even create new ones to insert into software supply chains.”
Balacheff adds, “In fact, recent security research has even begun to show how Generative AI could be used to facilitate developing vulnerabilities to inject into specialized hardware designs, promising increased pressure in the hardware supply chain.”
Generative AI and AI PCs will revolutionize how we work – but create new risks
Pratt notes that beyond phishing, the rise of Large Language Models (LLMs) will revolutionize the endpoint, while also making it a prime target for cybercriminals in 2024: “We will see a rise in ‘AI PCs’, which will revolutionize how people interact with their endpoint devices. With advanced compute power, AI PCs will enable the use of ‘local Large Language Models (LLMs)’ – smaller LLMs running on-device, enabling users to leverage AI capabilities independently from the Internet. These local LLMs are designed to better understand the individual user’s world, acting as personalized assistants. But as devices gather even more sensitive user data, endpoints will be a higher risk target for threat actors.”
He adds that LLMs themselves could be targeted: “As many organizations rush to use LLMs for their chatbots to boost convenience, they open themselves up to users abusing chatbots to access restricted data. Threat actors will be able to socially engineer corporate LLMs with targeted prompts to trick them into overriding its controls and giving up sensitive information – leading to data breaches.”
Silver linings: Regulation and increased security will make life harder for attackers
The good news is AI will also bolster efficiency for cyber defenders. 2024 will see cybersecurity teams making AI a priority – by using this technology to their advantage. For example, security teams will use AI to improve threat detection and speed up remediation. This could not come at a better time, with a reported four million cybersecurity professionals needed globally.
Organizations will also need to prepare for the regulatory changes brought about by AI. Steve Inch, Principal Print Security Strategy & Product Management at HP Inc. notes that 2024 will be the year of regulation, with Secure by Design IoT devices thwarting botnet operators: “The rapid proliferation of cybersecurity regulations around the globe will help to ensure greater protection for consumers and purchasers of IoT devices. This higher standard of security will come as a wake-up call for manufacturers who have previously focused on function and feature – with security taking a back seat. We’ll see manufacturers shifting to a secure-by-design mentality, with out-of-the-box capabilities becoming the industry standard.”
Yet increased defences on PCs and laptops could lead some attackers to revert to offline methods of attack. Shivaun Albright, Chief Technologist of Print Security at HP Inc. believes that in 2024, attackers will seek out new ways to exfiltrate data, reverting to paper as digital avenues are closed off: “As cyber defences become more sophisticated and internal data access controls get tighter, it is becoming harder for attackers and malicious insiders to exfiltrate data without detection. As more avenues become locked down, those seeking to surreptitiously exfiltrate data – be that schematics, customer data or communications – will have to go back to basics. We’ve already started to see this behaviour, with a damaging leak of US confidential documents reported earlier this year.”
Advice: How cybersecurity teams should respond to new challenges in 2024
With a raft of new threats, HP’s experts also provided advice on how organizations can better protect themselves in 2024:
- Leverage AI to improve cyber defences, such as identifying high value phishing targets or detect patterns or anomalies to track for cyber espionage
- Create a virtual safety net for users by isolating and containing risky activities, wrapping protection around applications, and preventing credential theft
- Adopt Zero Trust principles to protect against all threats, both known and unknown
- Actively manage hardware and firmware security across the device lifecycle by investing in improving the maturity of hardware and firmware configuration management
- Make cybersecurity integral to relationships with third parties, and spend time evaluating software and hardware supply chain security
- Adopt a risk-based approach to improve supply chain resilience by identifying all potential pathways into software or physical products
Trust and collaboration are essential in the new age of AI
Ultimately, organizations must seek Trusted AI security partners to maximize the benefits of AI, while being protected from the new security and privacy threats.
HP strives to build the most secure and resilient endpoint devices in the world* – and when HP launches its AI PCs in the second half of 2024, we intend to lead the way in creating safe, secure, and trustworthy AI.
HP is also investing in new training and development programs to ensure our people have the skills to succeed in the AI-enabled jobs of the future. We look forward to working across the public and private sector to ensure the security & privacy of AI systems, so every user can reap the benefits AI has to offer without compromising on security.