Cyber Security
Cybersecurity Forecast: Key Concerns Predicted by Hackers for 2024
Every year around December, experts at NordVPN try to predict the cybersecurity risks awaiting us in the next year. This year they decided to take a different route: they examined the biggest dark web forum to find out which topics were discussed most and based their predictions on the findings.
“Every year we try to predict sophisticated attacks from experienced hackers, who mostly target businesses or influential people,” says Marijus Briedis, a CTO at NordVPN. “Taking this year’s approach helped us realize that regular internet users, however, are often attacked by amateur hackers who are still developing their craft. They can also cause a lot of harm to their unsuspecting victims and users need to be informed about their plans.”
Below you will find the top five predictions made by cybersecurity experts at NordVPN based on what hackers talk about online.
Leaked n*des will be trending on the dark web
The most commented threads on the forum included those about leaked n*des from OnlyFans, Instagram, and other content-sharing platforms. Threads about leaked n*des received almost 1,850 comments and were among the top 20 most commented threads on the forum.
“This means that next year we will see even more attacks, where pictures of people will be leaked. Another route criminals can take is using AI or deepfake technology to create fake n*des to trick their buyers,” says Marijus Briedis. To avoid having pictures leaked online, Warmenhoven recommends abstaining from sending photos through social media and using encrypted cloud solutions when sharing photos.
AI will be there to help hackers
Hacked ChatGPT accounts and tutorials on using AI for attacks are very popular amongst hackers. This not only means that AI users are on the radar, but hackers are learning how to use AI to increase the capacity of their work and make their job easier, quicker, and more effective.
“The utilisation of AI tools will facilitate the automation of a significant portion of phishing attacks, and it is anticipated that the frequency of such attacks will escalate in the future, posing significant cybersecurity threats,” says Briedis.
He also mentions that users who are unsure they can identify phishing emails can use browser extensions created to serve that purpose.
The number of amateur hackers will be growing
Every tenth post on the forum was about learning how to execute some kind of attack. Among the most commented threads were: “How to dox,” “List of useful resources for pen-testers and hackers,” “How to hack WhatsApp of your friend by sending a single link,” “How to instantly crack TikTok accounts easily,” “WiFi hacking course,” and others.
This means that hackers are sharing their knowledge and we can expect the number of amateur hackers to rise together with the number of attacks they execute. So users should be even more serious about their cybersecurity education and keep themselves updated about the latest attacks.
Customer data will be selling like hotcakes
Researchers found that around 55% of discussion threads were about leaked customer data, such as social media credentials, driver licenses, addresses, emails, and other bits of personal information. This means that hackers are still after vulnerable personal data and no user is safe from hacking.
Warmenhoven says that the simple thing users can do to protect their online data is to use MFA (multi-factor authentication) wherever possible.
Biometric authentication won’t be the answer
Many platforms that care about the security of their users now provide the ability to authenticate biometrically. However, the research showed that hackers have already learned how to bypass some of the biometric authentication methods, such as the selfie verification that some crypto platforms use. The thread explaining how to bypass selfie verification collected more than 200 comments.
“Biometric authentication will surely be a part of authentication in the future, but only if it is multi-factor,” says Marijus Briedis. “So we can not only predict that biometric authentication will show to be unreliable, but that more layered ways to protect online accounts will appear.”
One of the latest developments in the sphere has been passkey technology. A passkey is a pair of related keys: public and private. Public and private keys do not work without one another and therefore are useless to hackers. Moreover, the passkey on your gadget (private key) cannot be accessed without biometric identification (of the device’s owner) or a PIN, which adds extra protection.
CrowdStrike to Acquire Adaptive Shield
CrowdStrike has announced it has agreed to acquire Adaptive Shield, a leading provider of SaaS security solutions. With this acquisition, CrowdStrike will be able to provide unified, end-to-end protection against identity-based attacks across the entire modern cloud ecosystem – from on-premises Active Directory to cloud-based identity providers and SaaS applications – delivered from a single, unified platform. Announced at Fal.Con Europe, CrowdStrike’s inaugural premier user conference in the region, this acquisition will position CrowdStrike as the leading provider of comprehensive protection across complex hybrid environments.
“CrowdStrike was built to tackle the toughest cybersecurity challenges, and we drive relentless innovation based on what our customers need to stay ahead of modern threats,” said George Kurtz, CEO and founder, CrowdStrike. “As SaaS and AI adoption grows, every new application brings additional complexity and the risk of misconfigurations across human and non-human accounts that create openings for sophisticated attacks. With the acquisition of Adaptive Shield, CrowdStrike will continue to set the standard for identity-based protection in the cloud, delivering best-in-class SaaS protection from the Falcon platform.”
Cloud exploitation cases grew by 110% last year, while identity-based attacks continue to rise – 75% of attacks to gain initial access are now malware-free. ‘Cross-domain’ adversaries, targeting identity and cloud, have numerous attack paths, from on-premises Active Directory to cloud-based identity providers and the growing landscape of SaaS applications. The complexity of modern hybrid cloud environments and disconnected security tools create protection gaps, making it difficult to prevent identity-based threats.
SaaS is projected to be the largest category of cloud computing in 2024, capturing more than 40% of all public cloud spending. Under the SaaS shared responsibility model, SaaS vendors provide security controls, while organizations manage configurations. In today’s complex environments, where hundreds of SaaS applications each come with unique access controls and identity configurations, security teams face significant challenges in maintaining visibility into who has access, what sensitive data is exposed, and active threats – even with purpose-built SaaS protection.
Adaptive Shield delivers the industry’s most complete security posture management and threat protection across SaaS identities, misconfigurations and data, stopping SaaS breaches. As an integrated component of the CrowdStrike Falcon cybersecurity platform, Adaptive Shield will equip CrowdStrike with the most advanced capabilities to stop identity-based attacks across all aspects of modern hybrid cloud environments. Customer benefits will include:
- Comprehensive SaaS Security Posture Management (SSPM): Organizations gain full visibility and governance over misconfigurations, the entitlements and activity levels of both human and non-human identities, and exposed data across 150+ SaaS applications. This new end-to-end visibility of identities across hybrid cloud environments gives operators a unique context for rapid cloud detection and response (CDR).
- GenAI Application Security Control: By continuously monitoring GenAI SaaS applications, Adaptive Shield empowers organizations to enforce consistent security standards by detecting configuration shifts, controlling AI settings to prevent data leakage, and identifying shadow AI applications to revoke access based on their risk profile. This approach ensures that AI-integrated applications remain aligned with security policies to protect sensitive data.
- Unified Hybrid Identity and Cloud Security: The powerful combination of Adaptive Shield and CrowdStrike Falcon Identity Protection will provide customers with comprehensive identity protection across SaaS, on-premises Active Directory and cloud-based environments (Okta and Microsoft Entra ID). CrowdStrike Falcon Cloud Security customers will also gain unified visibility and protection across the entire modern cloud estate – infrastructure, custom applications, data, AI models and SaaS applications – all from the same unified console and workflow.
- Existing Integration Accelerates Detection and Response: Adaptive Shield’s existing integration with CrowdStrike Falcon Next-Gen SIEM provides rapid first-party detection and response across multiple security domains – endpoints, identities, workloads and applications – automatically correlating detections inline with the latest threat intelligence and Falcon Fusion SOAR delivering near real-time response.
“Widespread adoption of SaaS applications has rapidly expanded the enterprise attack surface, as shared responsibility models and fragmented security controls make SaaS environments a prime target,” said Maor Bin, CEO and co-founder, Adaptive Shield. “Our mission perfectly complements CrowdStrike, stopping SaaS breaches while further accelerating consolidation on cybersecurity’s most comprehensive platform. I’m incredibly proud of our team for building the most advanced SaaS security solution, defining the market.”
Email Security Breach Rampant with 80% of Organisations Affected
OPSWAT has released the 2024 Report: Email Security Threats Against Critical Infrastructure Organizations. This research was conducted with Osterman Research, known for its in-depth analysis and insights into emerging trends and technologies in IT security and data management. The study surveyed IT and security leaders working within critical infrastructure industries and revealed that 80% of organizations experienced an email-related security breach over the past year and 63.3% of respondents acknowledge that their email security approach needs to be improved.
Email is a necessary tool for communication and productivity across all sectors, but it is also the primary attack vector for cyber threats with attackers exploiting vulnerabilities through phishing attempts, malicious links, and harmful attachments. Once infiltrated, these threats can cascade through networks, jeopardizing both IT and operational technology (OT) environments. Alarmingly, more than half of respondents believed email messages and attachments to be benign by default, failing to realize inherent email risks.
Key takeaways from the research include:
- Up to 80% of organizations in critical infrastructure sectors have been the victim of an email security breach in the past 12 months: Per 1,000 employees, the organizations in this research experienced 5.7 successful phishing incidents per year, 5.6 account compromises, and 4.4 incidents of data leakage, among other types of email security breaches. Organizations in critical infrastructure sectors are highly attractive to cyber threat actors and are under constant attack.
- Email is the primary cybersecurity attack vector in critical infrastructure sectors: A median of 75% of cybersecurity threats against organizations in critical infrastructure sectors arrive via email. For two out of three organizations, the share of cybersecurity threats arriving by email ranges from 61% to 100%.
- Success metrics for email security are low: 48% of the critical infrastructure organizations in this research are not confident that their current email security protections are sufficient against email-borne attacks. Only 34.4% are fully compliant with the email-related regulations that apply to them, e.g., GDPR and other privacy regulations. And 63.6% are not confident that their approach to email security is best in class.
- Threat levels for all types of cybersecurity attacks are expected to increase, with phishing, data exfiltration, and zero-day malware attacks leading the way: Over 80% of organizations expect threat levels of all email attack types to increase or stay the same over the next 12 months.
- Most organisations do not approach email as malicious by default: More than half of the critical infrastructure organizations in this research operate from the assumption that messages and files are benign by default or attempt to operate from the flawed assumption that they are both benign by default and malicious by default. Many more firms need to embrace zero-trust approaches for email security.
- Organisations aspire to be dramatically better—and rapidly, too: While current email security efficacy metrics are low, aspirations run high for a dramatic and rapid shift. While only 52.0% of organizations are confident in their current email security protections, 74.8% aspire to reach this level within 12 months. In a similar vein, 84.8% of the organizations aspire to be at a place where their approach to email security protects them from emerging and as-yet-unknown email threats over the next 12 months.
“These survey findings emphasize the need to adopt a zero-trust mindset. The prevalence of email-related breaches poses a significant threat to critical infrastructure organizations, necessitating a shift to a stronger, prevention-based perimeter defence strategy against established communication and data exchange channels,” commented Yiyi Miao, Chief Product Officer at OPSWAT.
The survey responses also unveiled a major gap in advanced email security capabilities that preclude and prevent threats from reaching users’ inboxes. Essential measures such as Content Disarm and Reconstruction (CDR), URL scanning for malicious signals, and anomaly detection within email messages are notably absent in many organisations’ defences. In response to these critical challenges, OPSWAT reaffirms its commitment to equipping critical infrastructure organisations with cutting-edge, prevention-based cybersecurity solutions.
Positive Technologies Expands into ME and South Asia
At GITEX GLOBAL 2024 Positive Technologies forged partnerships with cybersecurity service and solution providers from Saudi Arabia, the UAE, Egypt, and India. The primary goal of the cooperation is to share expertise in result-driven cybersecurity and promote cutting-edge cybersecurity products.
According to recent studies by Positive Technologies, more than half of all attacks on organizations in the Middle East target the public sector, industry, telecommunications, and IT companies. In the first half of 2024, the number of DDoS attacks in Gulf countries increased by 70% compared to the same period in 2023. Credentials for accessing the IT infrastructure of local companies are sold on dark web platforms, and two-thirds of all available credentials are offered for less than $1,000. Under such circumstances, Positive Technologies recommends building continuous, automated protection against organization-specific non-tolerable events.
“Companies in the region are very enthusiastic about our idea to automate cybersecurity processes with the help of MaxPatrol O2—a solution that automatically identifies cyberattack chains and responds to them,” said Evgeniya Popova, Director of International Business Development at Positive Technologies. “In addition, we receive a lot of interest from partners who specialize in specific areas, such as OT infrastructure security. They appreciate the scale and depth of our offer which includes PT ICS, a comprehensive solution for protecting the industrial IT and OT infrastructure. Our expertise in application security and secure development, incorporated in our product PT Application Inspector, is also in high demand.”
Evgeniya Popova also noted the geographical expansion of the company’s partner network: Positive Technologies is in the process of signing agreements with companies operating in and beyond the Middle East. Salem Baras, CEO of Innovative Solutions (Saudi Arabia), commented, “Positive Technologies has made a long-term commitment to further develop the overall cybersecurity capabilities in the region and enhance the quality of cybersecurity services and solutions. This is a significant advantage for us. As a leading cybersecurity provider in the GCC, we are partnering with Positive Technologies to build our capabilities and help our customers in the region to be protected. The cybersecurity market is evolving and facing numerous challenges, and it needs companies like Positive Technologies to grow and protect our future.”
“For the past two years, Positive Technologies has been our key partner in the UAE. As a leader in the country’s cybersecurity domain, we are keen to continue our partnership, promoting advanced technologies. Our main priorities are SOC operations and vulnerability management,” said Nishad Sukumaran, COO of NX Digital Technology (UAE).
Experts at Positive Technologies also report that the number of cyberattacks in India increased by 15% in 2023 and surged by 46% in Q2 2024. Over two-thirds of all attacks resulted in leakage of confidential information. So it’s no coincidence that it was in India that Positive Technologies launched a series of international meetups for cybersecurity experts on October 11, 2024.
“We are a value-added cybersecurity distribution company, and our mission is to provide the best technologies and services to our partners and clients. Positive Technologies is our like-minded partner on this path, and we are excited to expand our collaboration in the Middle East, Africa, and India,” said Jibu John, Founder and CEO of CyberDisti (India). Last year at GITEX GLOBAL 2023, Positive Technologies signed partnership agreements with several cybersecurity solution providers, including organizations from Bahrain and Singapore.