Hacker Rentals, Mobile Device Attacks, and Malicious Artificial Intelligence in 2024

Every November 30th marks World Cybersecurity Day, a date dedicated to raising awareness about current global risks. The choice of this date is linked to the surge in purchases during the northern hemisphere's holiday season and the growing trend of online shopping towards the year-end.
This commemoration was established by the Association for Computing Machinery (ACM), that promotes computational education and research, boasting over 110,000 students across approximately 100 countries. The initiative traces back to November 1988 when one of the first viruses affecting computers at Cornell University in the U.S. was detected.

Here, we present some predictions regarding cybersecurity trends.

Artificial Intelligence
The phishing technique, designed to deceive individuals into divulging personal information, has become more effective with the proliferation of artificial intelligence (AI). In 2024, emerging AI tools are expected to facilitate the creation of more sophisticated phishing messages and identity impersonation. Attackers might employ creative automation methods, gathering online data to craft personalised messages mimicking the style of individuals close to the victim.

Surveillance and Mobile Phone Espionage
Given that there are more mobile phones than people globally, these devices are frequent targets of attacks. Kaspersky's "Operation Triangulation" this year revealed espionage targeted at iPhone devices through malware, emphasizing the importance of caution when handling files in iMessage.

Rent-a-hacker
The trend of "malware as a commodity" involves threats available at a low cost and easy to configure. There is an observed increase in the sale of tools for hacking systems and personal data. Additionally, malicious programs like Mars Stealer are sold on the dark web, with a structure resembling a legitimate e-commerce site. We expect the growth of on-demand hacking groups in 2024.

Supply Chain Attacks
An increase in attacks on the supply chain is anticipated, targeting small businesses to actually impact larger ones. Motivations for these attacks can range from economic gain to espionage. The demand for Security Operations Center as a Service (SOCaaS) indicates that companies seek to orchestrate their information to defend against large-scale threats.

Recommendations to Stay Vigilant
1. Exercise caution when receiving unsolicited emails, messages, or calls.
2. Avoid falling into states of "urgency" created by cyber criminals.
3. Carefully examine the origin and links in emails.
4. Do not click on suspicious links; open a new tab and access the website manually.
5. Always validate the authenticity of a website before entering private information.
6. Keep antivirus software updated and activate two-factor authentication for important services.