What do hackers reveal about key cybersecurity worries for 2024?

  • AI-assisted hackers, amateur cybercriminals, and biometric vulnerabilities challenge 2024’s cybersecurity.
  • AI’s rise in 2024 brings dual-edged cybersecurity impacts, aiding protection and hacker attacks.
  • Cybersecurity in 2024 navigates AI advancements, dark web data leaks, and new passkey technologies.

AI has emerged as the most transformative technology of 2023. Organizations are actively seeking to integrate AI into their business models to enhance productivity and scalability. There’s also a growing trend towards using AI as a foundational element in cybersecurity strategies, especially as adversaries begin to harness its potential in their attacks.

As we move through 2024, AI and machine learning are expected to play a pivotal role in improving endpoint and vulnerability management. A key area of focus will be the deployment phase in software development.

During this phase, AI-enabled tools have become increasingly vital for examining code for potential security risks and ensuring secure configurations. This heightened level of scrutiny is essential for more effective software deployment, proactively identifying and addressing vulnerabilities before they escalate into security threats.

But these advancements come at a time of heightened cybersecurity concerns. The ISACA State of Cybersecurity 2023 report revealed a troubling trend: 38% of organizations are witnessing more cyberattacks compared to the previous year. There’s also a noticeable drop in respondents who expect their organization to be targeted in the upcoming year. This somewhat optimistic outlook, a first since ISACA started tracking this data, is likely influenced by an increased belief in the consistent rate of cybersecurity incidents.

NordVPN’s shift in predicting cybersecurity risks – with the help of hackers

December marks a time when experts at NordVPN traditionally forecast upcoming cybersecurity risks. In a shift from their usual approach, in 2023, they delved into the largest dark web forums to analyze the most discussed topics, using these insights to inform their predictions.

Marijus Briedis, NordVPN’s CTO, notes, “Every year, we try to predict sophisticated attacks from experienced hackers, who mostly target businesses or influential people. Taking this year’s approach helped us realize that regular internet users are often attacked by amateur hackers who are still developing their craft. They can also cause a lot of harm to their unsuspecting victims, and users need to be informed about their plans.”

Will 2024 be the year of hackers?

Will 2024 be the year of hackers? (Source – X).

The cybersecurity team at NordVPN has derived five key predictions based on these dark web discussions:

The rising trend of leaked nudes on the dark web

In recent times, dark web forums have seen a surge in discussions around leaked nudes, particularly from platforms like OnlyFans and Instagram. These threads have amassed nearly 1,850 comments and rank among the top 20 most active on these forums.

Marijus Briedis predicts a worrying trend for the upcoming year, with an expected increase in the leakage of intimate images. He also warns of a new tactic by criminals using AI and deepfake technology to produce counterfeit explicit images to deceive consumers. To counteract this, Warmenhoven advises against sharing personal photos on social media platforms and recommends using encrypted cloud services for secure photo sharing.

AI: A boon for hackers

The hacker community shows a growing interest in AI, as shown by the popularity of hacked ChatGPT accounts and AI-based attack tutorials. This suggests that AI users are increasingly becoming targets, and hackers are exploiting AI to enhance the efficiency and effectiveness of their operations.

Briedis highlighs the role of AI in automating phishing attacks, predicting a rise in such incidents in the near future, and thus intensifying cybersecurity challenges. He also suggests that those who struggle to recognize phishing attempts should consider using dedicated browser extensions designed for this purpose.

Growth in amateur hacker numbers

Approximately one in every ten posts on these forums is dedicated to learning attack techniques. Popular topics include doxxing, hacking WhatsApp and TikTok accounts, and WiFi hacking courses. This trend indicates a growing exchange of hacking knowledge and suggests an imminent rise in the number of amateur hackers and the frequency of their attacks. In response, users are encouraged to take their cybersecurity education more seriously and stay informed about the latest threats.

The high demand for customer data

Research indicates that discussions about leaked customer data, including social media credentials, driving licenses, and email addresses, constitute approximately 55% of all forum threads. This points to a continued interest among hackers in personal data, underlining the vulnerability of users to hacking. Warmenhoven recommends using multi-factor authentication (MFA) wherever available to safeguard online data.

The limitations of biometric authentication

Many online platforms now offer biometric authentication options to enhance user security. However, studies show that hackers are finding ways to circumvent some of these methods, such as bypassing selfie verification systems used by certain cryptocurrency platforms. A forum thread dedicated to this topic has garnered over 200 comments.

Briedis foresees biometric authentication as a future security staple but emphasizes its effectiveness only when combined with multi-factor authentication. He predicts that reliance on biometric methods alone may prove unreliable, prompting the development of more comprehensive security measures.

Understanding 2024's cybersecurity risks through hackers' eyes.

Understanding 2024’s cybersecurity risks through hackers’ eyes and how biometric authentication options help. (Generated with AI).

The emergence of passkey technology

A significant innovation in cybersecurity is the introduction of passkey technology. Passkeys consist of a public and private key pair, where each key is dependent on the other, rendering them useless in isolation to potential hackers. Furthermore, the private key on a device cannot be accessed without the device owner’s biometric identification or a PIN code, offering an additional layer of security.

Conclusion

Ultimately, the ongoing battle against cyberthreats in this AI-driven era calls for a proactive and informed approach. It involves implementing advanced technological solutions and fostering a culture of cybersecurity awareness and education among internet users, according to the hackers who pose the threat. As we navigate these complex digital waters, the lessons learned from both the advancements and the setbacks of 2023 and 2024 will undoubtedly shape the future of cybersecurity.