top of page
CyberBackgroundBlue_min.png

Cyber Blog

Writer's pictureColin Mc Hugo

Cybersecurity Landscape 2024: The Rise of AI-Powered Malware and IoT Threats

As we navigate through 2024, the cybersecurity landscape continues to evolve at an alarming pace. Recent reports from industry leaders highlight significant trends that demand our attention, particularly the emergence of AI-powered malware and the increasing vulnerability of IoT devices.

 

 AI-Assisted Malware Development

 

One of the most concerning developments in 2024 is the growing use of artificial intelligence by cybercriminals to create sophisticated malware. Check Point Software's Global Threat Index for September 2024 reveals that threat actors are leveraging AI to develop complex attack scripts[7]. This trend is particularly worrying as it lowers the entry barrier for cybercriminals with limited technical skills, potentially leading to a surge in sophisticated cyber attacks.

 

A prime example of this AI-assisted malware is AsyncRAT, which ranked 10th among the most prevalent malware in September 2024[7]. Researchers discovered that the malware's delivery script, which uses HTML smuggling to send password-protected ZIP files containing malicious VBScript, was likely developed using AI. The well-structured and extensively commented code is a telltale sign of AI involvement in its creation[7].

 

 The IoT Vulnerability Landscape

 

The Internet of Things (IoT) continues to be a prime target for cybercriminals. SonicWall's 2024 Mid-Year Cyber Threat Report revealed a staggering 107% year-on-year increase in attacks targeting IoT devices in the first half of 2024[4]. This surge is attributed to the often inadequate security measures implemented in these devices.

 

One particularly concerning trend is the use of search engines like Shodan by malware to identify and exploit vulnerable IoT devices. The BotenaGo malware, for instance, has more than 30 different exploit functions to attack targets[3]. By searching for specific string signatures on Shodan, such as "Server: Boa/0.93.15", attackers can potentially identify millions of vulnerable devices[3].

 

 Malware Trends and Statistics

 

The overall malware landscape has seen a significant uptick in 2024. SonicWall reported a 30% increase in malware-based threats in the first half of 2024 compared to the same period in 2023[4]. Notably, there was a 92% year-on-year increase in May alone.

 

Some key statistics from the report include:

 

- 78,923 new malware variants observed in H1 2024

- 526 never-before-seen malware variants discovered daily

- 15% of all observed malware leveraging software packing as the primary MITRE TTP

- 92% surge in encrypted threats, indicating increased use of TLS-encrypted transfers for malware delivery

 

 Emerging Threats and Attack Vectors

 

 PowerShell Exploitation

 

Over 90% of malware families, including AgentTesla, GuLoader, AsyncRAT, DBatLoader, and LokiBot, are now exploiting PowerShell, a legitimate Windows automation tool[4]. Attackers use PowerShell scripts for various malicious tasks, including detection evasion and downloading additional malware.

 

 MFA Bypass Techniques

 

Several malware targeting Android systems have been upgraded to bypass multi-factor authentication (MFA) protocols. Notable examples include:

 

- Anubis: A banking trojan capable of capturing SMS messages with one-time passwords

- AhMyth: A RAT that performs keylogging, takes screenshots, and intercepts MFA OTPs

- Cerberus: Features SMS control, keylogging, and audio recording to bypass MFA for unauthorized transactions[4]

 

 Ransomware Trends

 

Interestingly, ransomware prevalence varies by region. While North America and Latin America saw increases of 15% and 51% respectively in H1 2024, the EMEA region experienced a 49% decrease in ransomware attacks[4].

 

 The Role of AI in Cybersecurity

 

While AI is being exploited by cybercriminals, it's also a powerful tool for cybersecurity professionals. AI can help in:

 

1. Threat detection and response

2. Anomaly detection in network traffic

3. Automated patch management

4. Predictive analysis of potential vulnerabilities

 

However, the use of AI in cybersecurity is a double-edged sword. As Maya Horowitz, VP of Research at Check Point Software, notes, "The fact that threat actors have started utilising generative AI as part of their attack infrastructure highlights the continuous evolution of cyber-attack tactics"[7].


 

 Conclusion

 

As we move forward in 2024, the cybersecurity landscape continues to present new challenges. The rise of AI-powered malware and the increasing vulnerability of IoT devices underscore the need for robust, adaptive security measures. Organizations must prioritize comprehensive security strategies, including regular software updates, employee training, and the implementation of advanced threat detection systems.

 

In this evolving threat landscape, staying informed and proactive is key to maintaining a strong cybersecurity posture. As cybercriminals continue to innovate, so must our defenses.

 

References

[1] Spotlight on cybersecurity: 10 things you need to know in 2024 https://www.weforum.org/stories/2024/10/cybersecurity-threats-in-2024/

[2] Check Point Software's 2023 Cyber Security Report - Contact Us https://pages.checkpoint.com/cyber-security-report-2023.html

[4] Malware Attacks Surge 30% in First Half of 2024 https://www.infosecurity-magazine.com/news/malware-attacks-surge-30-per-cent/

4 views0 comments

Comments


bottom of page