Image by thinkhub studio / copyright Shutterstock

These insights, derived from expert analyses and business trends, forecast a year of significant change and challenge in the cyber domain, with real-world implications. A rise in climate hacktivism, escalating multilingual AI threats and the first 'AI worm' are among the key predictions from Darktrace's experts

Advertisement

Exploited elections
The coming year will be crucial for democracy and high stakes elections, as Russia, Ukraine, UK and US potentially hit the polls to elect their leaders.

The use of cyber attacks to manipulate voters is nothing new but this year could see a new weapon exploited - AI-generated deepfakes and propaganda, to either destabilise the vote, or amplify one candidate over another. This capability is more accessible than ever and whilst outlandish statements might be relatively easy to refute, subtle alterations and manipulations of content could be enough to sow elements of doubt.

Other techniques might be resurrected, like the use of stolen political and electoral data, which we saw in the 2016 US election and UK’s Brexit referendum. Voters will need to be mindful of the content they consume and the reputability of their sources. 

Cyber threats go multilingual
For decades, the majority of cyber-enabled social engineering, like phishing, has been carried out in English, the international language of business. This made the Asia-Pacific region, home to diverse and complex languages, a relative safe haven from attackers.

However, Generative AI has dramatically dropped the barrier to entry for composing text in foreign languages and we can expect attackers to add new language capabilities which were previously viewed as too complex to be worth the effort, including Mandarin, Japanese, Korean and Hindi. That threat will be compounded by employees coached to look out for phishing emails written in English but not their own language, to make phishing in new languages a fertile ground for attackers and a weak spot for APAC’s businesses

Businesses face additional AI dangers
Businesses need to be wary of malicious actors, nation-states and ransomware groups who will continue to leverage the widespread adoption of AI.

It is critical that businesses prepare for this and the danger of advancing threats. Twenty twenty-four may also be the year we see the first AI worm  deployed - combining traditional worming ransomware like WannaCry or notPetya with more advanced, AI-driven automation to create an aggressive autonomous agent, capable of burrowing into business’ software.

Rise of climate hacktivism
Darktrace anticipates a new wave of eco-activism, marking 2024 as the year of climate ‘hacktivism’ in the cyberspace. Over the past year climate change campaigners caused significant disruption through physical protests but experts predict that the next phase of protest could be cyber-led.

Campaigners may target fossil fuel companies with AI-powered, sophisticated cyber-attacks, which will disrupt, damage and send a firm message to polluters.  

Advertisement

Cloud: the Achilles heel for businesses’ cybersecurity
Cloud environments are increasingly becoming a source of vulnerability for businesses – and this is set to continue in the coming year. There is a shortage of expertise and skills when dealing with the cloud and as more data storage and processing shifts to the cloud, these platforms will become even more of a prime target for cybercriminals. Businesses will need to recognise and address this vulnerability.

Toby Lewis, Global Head of Threat Analysis at Darktrace, said: "Twenty twenty-three was a pivotal year in AI development and adoption but as governments and businesses have woken up to the AI revolution, so too have cyber criminals and we are seeing increasing evidence that they are seizing these tools for their own gain.

“This will only accelerate in 2024. Significant global events and trends will become a target for those looking to exploit and disrupt, while generative AI will open doors for more advanced multilingual attacks and climate ‘hacktivism’.

“This underscores the need for advanced, AI-driven cybersecurity solutions. As bad actors become smarter and more sophisticated, businesses need to be equipped with the tools to prevent and protect, and the public be increasingly wary of their data and the content they consume."

Darktrace employs over 2,200 people around the world and protects approximately 8,900 customers globally from advanced cyber threats. Darktrace innovations at its Cyber AI Research Centre in Cambridge, UK, have resulted in over 160 patents filed and research published to contribute to the cyber security community.