Google Cloud's Cybersecurity Predictions of 2024 and Look Back at 2023

Generative AI can be used by attackers, but security professionals shouldn't lose sleep over it, according to a Google Cloud threat intelligence analyst.
During two public virtual sessions, Google Cloud's team recently discussed the most notable cybersecurity threats of 2023, multi-faceted extortion and zero-day exploitation, and predicted more zero-day attacks in 2024.
Plus, Google predicts that both attackers and defenders will continue to use generative AI. However, generative AI probably won't create its own malware in 2024.
The two most notable cybersecurity threats of 2023, according to Google Cloud's Luke McNamara, principal trust and safety analyst, were multi-faceted extortion and zero-day exploitation.
Multi-faceted extortion includes ransomware and data theft, although the number of ransomware attacks tracked by Google Cloud fell in 2023.
Most ransomware attacks initially stemmed from stolen credentials.
Brute force attacks and phishing were the next most common initial infection vectors for ransomware.
Attackers increasingly put stolen credentials up for sale on data leak sites, McNamara said.
Google Cloud defines zero-day exploitation as threat actors actively exploiting vulnerabilities that have no known patches.
In 2023, Google Cloud Security tracked 89 such attacks, surpassing the previous high of 2021.
Rew Kopcienski, principal threat intelligence analyst at Google's Mandiant Communication Center, talked about nation-state threat actors, zero-day attacks, movement between cloud environments and credential theft during his presentation about cyber threats in 2024.
In particular, China and Russia are focusing on zero-day attacks, he said.
Google Cloud expects China's cyber threat efforts to focus on high-tech fields like chip development.
Google Cloud expects more attacks from Russian-backed actors in 2024, mostly focused on victims inside Ukraine or related to Ukraine.
Many of these attacks are about stealing cryptocurrency or targeting companies conducting cryptocurrency operations.
Google Cloud expects to see North Korea-affiliated threat actors' attacks broaden in 2024.
Attackers in 2024 may use tactics, techniques and procedures that allow them to travel across different cloud environments, likely due to the increasing use of cloud and hybrid environments.
Attackers can use generative AI to create text, voice messages and imagery, and Google Cloud expects this to become more common.
In 2023, generative AI was used by both attackers and defenders.
In 2024, AI may be used to increase the scale of attacks, such as by adopting AI in call centers running ransomware negotiations.

