Cybersecurity Challenges: AI, Ransomware and More
Cybersecurity is always challenging. There are so many moving parts, and everything is constantly changing. From artificial intelligence (AI) to ransomware, insider attacks, cloud attacks, IoT attacks, phishing attacks, supply chain vulnerabilities, and even infrastructure attacks, we are so interconnected, usually more than we realize. In this article, we review some of the most recent cybersecurity trends and challenges that are especially prevalent so far this year and discuss how you can fortify your cybersecurity strategy to mitigate cybersecurity risks.
In January of this year, the World Economic Forum published a report on the Global Cybersecurity Outlook in 2024, contending that there is a critical emerging gap between organizations poised to handle the coming cybersecurity threats and those that will get hurt. Organizations are racing to adopt AI-powered solutions when even the best cybersecurity minds don’t fully understand who is in control. There is also a lack of cybersecurity skills and an overall talent shortage, with only 15% of organizations surveyed saying they felt optimistic about their teams’ cybersecurity skills and education over the next two years. This paints a bleak picture. Not to worry! Here is a deeper look at the situation and how to avoid the threats now.
Cybersecurity Trends and Safeguards for 2024
Let’s look at some of the major challenges facing organizations when it comes to cybersecurity today:
Artificial Intelligence
AI is THE buzzword right now. It’s amazing what generative AI can do. ChatGPT is writing what could pass for Shakespeare and creating images that are so realistic it’s hard to tell what a deep fake is. We’ve only scratched the surface of the possibilities—however, the key to how excellent a tool can be lies in its use. GenAI is solving real-world problems. For example, with enhanced data points, AI technology can help create travel or shipping routes that maximize efficiency, thus minimizing fuel use and helping air travel contaminate the environment less. AI is also critical in the healthcare industry, helping professionals with increased access to data to serve their patients better. It can also make attracting professionals to the healthcare industry easier by improving working conditions. The possibilities are endless.
All that to say, those are when AI is used for good. On the other hand, it can just as quickly be used for evil… Those hackers who have been using primitive hacking techniques since the inception of the internet now have the same access as everyone else to use AI, specifically GenAI, to gain access to protected networks. We know they are trying all the possibilities. GenAI can make facial recognition difficult if done well enough to trick a security system. We thought biometrics were highly secure and can now be hacked and recreated perfectly.
Our imaginations can run wild in both directions. Still, one thing that is for sure is that AI-backed phishing attacks are becoming more sophisticated and difficult for end users to identify. Not only is genAI getting better at writing and improving its grammar, but large language models (LLMs) also give it a voice that can incorporate current real-time events, making it seem like you are texting someone you know about a recent event. The professional tone and real sense of urgency may let users drop their guard and respond to an infected message or email impulsively, only to infect an entire network. Hackers can use ever more targeted spear phishing attacks through information easily collected using tools like ChatGPT to make messaging particular to a person or specific organization.
Vishing
Another major threat is voice phishing or vishing. This tactic is just as it sounds – using deep voice fakes for phone calls and voice messaging. This is such a threat that the Federal Communications Commission (FCC) just made AI robocalls illegal ahead of the US general election. That’s how good they can be. Imagine receiving an SOS call from a friend or family member and giving away sensitive information to a criminal with the best of intentions. This is the future of phishing, and it’s going to take a lot to detect when calls are real.
In cybersecurity terms, it is guerilla warfare right now. Jane C. Ginsberg, an intellectual property legal expert (and daughter of former Supreme Court Justice Ruth Bader Ginsberg), recently gave an interview explaining exactly how complex it is to determine the “owner” of an AI-generated end product. Consider placing blame when an AI phishing attack occurs. Who is ultimately responsible? How are the creators tracked, and who is the creator? Is it a cybercriminal targeting an organization or an algorithm gone rogue? The scene will only get more complicated over time, so ensuring safety regarding traditional threats can allow organizations to focus on investing in AI-threat detection now.
Ransomware
Ransomware is also proving to be a major player in the cybersecurity industry this year. Companies like British Airways, Shell, and even the US Department of Energy are still experiencing hangovers from the MOVEit attack that happened in June 2023. MOVEit, a file transfer software, was hacked by the “Clop” data extortion gang, and the danger keeps trickling along. The total cost was estimated to be around $9,923,771,385 just two months after the hack. Clop continues to threaten organizations with publishing sensitive personal information unless they get paid. Even then, there is no guarantee.
The trend is going to continue to grow with hackers always increasing in sophistication and the fact that the tactic seemingly works. In early March 2024, United Healthcare paid out a whopping $22,000,000 to ensure patients could get their prescriptions and protect their information. As long as victims are paying, the crimes are going to keep growing. It’s not just the healthcare industry. The industries hackers tend to target are those with the ability to pay big, so think financial institutions, manufacturing, logistics, and the public sector. Everyone needs to protect their network and sensitive information because these hackers are getting bolder with each attack.
Ransomware is scary, but there are some things you can do to protect your organization’s sensitive data. First, make sure you have backups of any sensitive data. While sometimes criminals threaten to release data, the real problem comes when you get blocked from existing critical data. Host susceptible data offline, and have a backup plan should you be targeted. Similarly, use updated antivirus software. Engage in continuous updates, and scan anything downloaded from the internet before using it! It can seem like a lot, but with a sophisticated antivirus program a lot of the work can be done for you.
Additionally, the United States Cybersecurity and Infrastructure Agency (CISA) has launched a Stop Ransomware site dedicated purely to staying ahead of the latest attacks and providing information on what to do if you have been attacked. The Alerts page is an excellent resource to stay informed of major warnings or confirmed attacks.
The Skills Gap and Staffing Issues
Finally, the terrifying aspect of cybersecurity in 2024 is the increasing skills gap and staffing problems. While it seems like young people entering the workforce are born “knowing” the internet and using their phones and other gadgets like it’s natural, that doesn’t mean they are trained to protect their devices! Nor do they want to study cybersecurity. They will likely want to fill their TikTok feeds with crazy stunts and cool images. Not necessarily coding to protect networks from malicious actors. Coupled with the older members of the workforce aging out, a small number of people started getting into hacking (white or black hat) at the beginning and are still up to date on all the changing threats.
According to the ISC2 Cybersecurity Workforce Study, the cybersecurity workforce grew by 8.7% in 2023, but the gap between the number of workers and the number needed grew by 12.6%. Supply is short, and as the work becomes more complex, so does the required training. That training isn’t necessarily cheap. The report notes that cloud computing is suffering the most since it is a skill that is lacking but also extremely high in demand.
There’s a shortage of qualified candidates, exacerbated by the high demand for cybersecurity expertise across industries. The competitive job market leads to bidding wars for top talent, making it difficult for organizations with limited resources to attract skilled professionals. Finally, the constant pressure and stress inherent in cybersecurity roles contribute to high turnover rates as professionals seek better work-life balance and less demanding environments. Try to convince a Tik Tok’r to sit in the office monitoring screens…
To address these challenges, organizations can implement initiatives such as offering competitive salaries and benefits packages, providing continuous training and professional development opportunities, and fostering a positive and supportive work culture that prioritizes employee well-being and engagement. Additionally, partnerships with educational institutions and industry organizations can help nurture a pipeline of cybersecurity talent.
Additionally, organizations may want to consider investing in an executive security program, like the SCA Centurion ESO! Fractional or virtual executive security officers are a great way to stay ahead of the talent gap. By working with trusted, dedicated professionals, organizations can save the headaches associated with seeking out highly valued, difficult to find talent.
Investing in a comprehensive cybersecurity strategy and ongoing training for your organization will continue to be critical as the year progresses. SCA is committed to helping organizations assess their vulnerabilities and implement solutions to stay ahead of these increasingly complex threats. Reach out if you have any questions or are ready to work with a team of highly skilled cybersecurity professionals. Watch this space as we publish updates on cybersecurity trends, threats, opportunities, and best practices.