AS the digital landscape continues to evolve, Kaspersky’s latest projections indicate a notable upsurge in sophisticated cyber threats for the year 2024.
Based on its latest report, Kasperky’s Global Research and Analysis Team (GReAT) predicts a significant expansion in the capabilities of Advanced Persistent Threat (APT) actors, particularly in the realms of mobile, wearable, and smart device exploitation.
“We will likely witness threat actors broadening their surveillance efforts, targeting various consumer devices through vulnerabilities and ‘silent’ exploit delivery methods, including zero-click attacks through messengers, one-click attacks via SMS or messaging apps, and network traffic interception. Protection of personal and corporate devices has become increasingly vital,” the Kaspersky report read.
The report also draws attention to an imminent increase in the use of AI-powered techniques for spear phishing. These advanced methods are expected to enable attackers to create highly personalized and convincing fraudulent communications, posing an unprecedented challenge to cybersecurity measures.
One of the most alarming predictions is the potential for new exploits on mobile and wearable devices, an area that has seen relatively less focus in the past.
Kaspersky anticipates these devices to become key targets for APT actors, with sophisticated attack methods including zero-click and one-click exploits, and network traffic interception.
Another key area that Kasperky noted would be vulnerable are appliance softwares, especially since this “sometimes receives limited research and delayed fixes, potentially paving the way for new, large-scale, and stealthy botnets capable of targeted attacks.”
The landscape of cyber warfare is also expected to change, with a surge in “state-sponsored cyberattacks” and hacktivism, fueled by geopolitical tensions. These attacks may range from data theft and encryption to more destructive aims like IT infrastructure sabotage.
Kaspersky also predicts a growth in supply chain attacks and the emergence of hack-for-hire services.
These developments could lead to more widespread and effective cyberattacks, leveraging vulnerabilities in software and hardware supply chains.
“In 2023, the notable surge in the availability of AI tools didn’t elude the attention of advanced malicious actors engaged in extensive and highly sophisticated campaigns. However, we anticipate that upcoming trends go beyond AI implications, including new methods for conducting supply chain attacks, the emergence of hack-for-hire services, novel exploits for consumer devices, and more. Our goal is to provide defenders with advanced threat intelligence that stays ahead of the latest threat developments, enhancing their capacity to fend off cyberattacks more effectively,” Kaspersky Director for Global Research Igor Kuznetsov said.
The year 2023 marked a significant escalation in cyber threats faced by the Philippines, highlighting vulnerabilities in its digital infrastructure.
In April, a massive data breach compromised the personal information of millions of Filipinos. This incident exposed sensitive records from crucial institutions, including the Bureau of Internal Revenue.
Likewise, the Philippine Health Insurance Corp. (PhilHealth) suffered a severe Medusa ransomware attack. This incident, reported in October, affected around 13 million members.
Furthermore, the country’s legislative institutions were not spared. Websites of the Senate and House were subjected to a series of cyber attacks.
These incidents prompted legislative action, with resolutions filed to inquire into the attacks, aiming to bolster the nation’s digital defenses.