As technology evolves and new innovations come to market, threat actors find new ways to compromise software and exploit vulnerabilities. That’s why, in tandem with adopting and learning new tools and methods, we must stay rigorous in our security efforts. With the increasing adoption of AI, for example, organizations can expect to have to reconsider their security measures.
Reflecting on changes in the industry over the past year, as well as the research we’ve published, the Sonar Vulnerability Research team came together and compiled our thoughts on what we foresee for cybersecurity in 2024. Here are a few predictions from our team:
- Supply-Chain Attacks on Code: A growing list of supply-chain attacks makes them a hot topic for development organizations today. These attacks exploit an underlying design issue: all modern software is built on top of third-party software components, often without clear visibility into the code quality of the downloaded packages. A single code vulnerability introduced by a library can be used for large-scale attacks against every piece of software that uses that library. Because the core code of popular open source software is well reviewed and tested, attackers will focus more on finding previously unknown code vulnerabilities hidden in widely used but lesser-known open source libraries. It’s a very effective and subtle attack vector for compromising many organizations at once. In step with this risk, the importance of deeper code analysis that also covers the code of libraries will grow.
- Regulatory Changes to Make Security Best Practices the Norm: Security has always been seen as a cost center — and hence, optional. As new regulations and compliance requirements are introduced, e.g. the new SEC rule requiring public companies to disclose material cybersecurity incidents within four days, security is forced to become the norm. This has a profound impact on how companies implement their security, internalizing it and shifting left as much as possible. This shift favors proven and cost-effective practices, leaving most of the AI-powered security hype behind us.
- Increase of (Detected) in-the-Wild Exploitation Campaigns: As we keep on getting better at detecting and analyzing in-the-wild exploitation campaigns of both known (N-days) and previously unknown (0-days) vulnerabilities, we'll notice an upward trend of these. It doesn't mean that threat actors are more active — only that we are finally catching up.
- AI-Assisted Attacks to Become More Sophisticated and Automated: IT security attacks leveraging AI are expected to become more sophisticated and automated. Attackers will likely use AI to analyze vast amounts of data and launch targeted attacks. AI-driven phishing attacks capable of generating highly convincing and personalized messages, which trick users into revealing sensitive information, may increase. Furthermore, AI-powered malware could adapt and evolve in real time, making it more challenging for traditional antimalware detection systems to keep up.
- Dangers of AI-generated code: We will see an even bigger increase in the use of AI to generate source code, which results in improved productivity and faster development cycles. However, this reliance on AI-generated code can be very deceptive. AI models are only as good as the data on which they are trained. This means that generated code can contain bugs and security issues, just as human-written code can. In 2024, we will likely see the first examples of security issues introduced by AI-generated code.
Only time will tell what will happen in 2024, but to stay ahead of attackers and potential threats, remember to remain proactive in your cybersecurity efforts. Also, make sure to subscribe to our blog to keep up to date on the research our team publishes on the real-world vulnerabilities we find in open source projects.