BeyondTrust experts forecast future threat vectors most likely to affect organisations worldwide in the New Year
BeyondTrust, the worldwide leader in intelligent identity and access security, released its annual forecast of cybersecurity trends emerging for the New Year and beyond. These projections, authored by BeyondTrust experts Morey J. Haber, Chief Security Officer; Christopher Hills, Chief Security Strategist; and James Maude, Director of Research, are based on shifts in technology, threat actor habits, culture, and decades of combined experience.
Prediction #1: The Evolution of the AI Threat in three stages:
- Part I – AI Threat Actors Take the Stage: Human threat actors will increasingly incorporate AI capabilities, acting as a force multiplier, enhancing their reach and technical prowess. Weak AI, specialising in narrow tasks, will be a key enabler for threat actors, assisting in discovering vulnerabilities and evading detection.
- Part II – New AI Threat Vectors Emerge: AI will enhance existing attack vectors while creating novel ones based on Generative AI’s results. The implications are profound, encompassing the generation of fake content that will challenge the line between reality and deception.
- Part III – AI Code Assistants Introduce Further Vulnerability: The surge in AI assistants will paradoxically lead to more security vulnerabilities in software development, as AI-generated code may contain errors and misconfigurations.
Prediction #2: Dedicated Applications Start the Course Toward Extinction
Generative AI is set to make dedicated applications obsolete. The flexibility and power of AI could replace them with voice commands, facilitating the building of trust in a common interface. Complex user interfaces may become obsolete as the focus shifts to results-driven and function-specific applications.
Prediction #3: Down with VOIP and POTS, UCS is the Future
Unified Communication Services (UCS) will phase out POTS and dedicated VOIP. Vulnerabilities and hacks may compromise this once-secure communication medium.
Prediction #4: Subscription Overload, There’s a Subscription for That
Expect everyday items to transition to subscription-based models. While electronic payments replace cash, the trend of licensing products and services via subscriptions will grow. However, subscription gaps may pose data security risks.
Prediction #5: Juice Jackers Exploit the Standardization of USB-C
The proliferation of USB-C connectors brings convenience but also poses security challenges. A single standard connection type simplifies the job for threat actors, increasing the risks of attacks.
Prediction #6: Exploit Mapping for Ransomware
Ransomware attacks will shift from data extortion to selling exploitable data about organisations. Threat actors will sell information about vulnerabilities, exploits, identities, privileges, and hygiene, focusing on potential threats and attack vectors.
Prediction #7: The Standardisation of Cyber Insurance
Cyber insurance is expected to become more standardised across providers, enhancing business risk reduction and liability management. A framework-based approach will standardise cyber policies.
“Looking ahead helps us anticipate where cyber threat actors will undoubtedly head, and preparing for what’s ahead makes all the difference in risk management effectiveness,” said Morey Haber, Chief Security Officer at BeyondTrust. “At BeyondTrust, we plan to provide the best security solutions to address current and future attack vectors, which our customers and partners expect.”