Breaking Badness

2024 Infosec Predictions


It’s been a big year in infosec/cybersecurity, but we could say that almost every year. We did a similar discussion last year if you’d like to check that out, and we wanted to follow up on those predictions along with sharing some new ones for 2024.

Revisiting 2023 Predictions

  • The demise of Twitter/X was greatly exaggerated
    • There were a lot of folks who said it would go away, but it’s still here and keeps on rolling 
    • We did see the infosec community move to Mastodon, there’s some on Threads, there’s some on BlueSky
    • But there are still a number of people in the community on Twitter/X
    • If you built a large following on Twitter/X, it’s hard to recreate that on another platform 
    • Is Threads useful for infosec? That’s still up in the air 
    • Tim is still on Mastodon and there’s a fair number of people there to get good infosec information from – finds it polite and is happy there 
    • We’ll see where we are a year from now!
  • We predicted a full-on cyberwar between Russia and Ukraine
    • That turned out to be exaggerated, though we have seen some cyber activity 
    • Some Microsoft researchers said we won’t see the full extent of what’s happening for years 
    • It takes time to create sophisticated attacks, and Russia made little attacks and disruptions 
    • At the time of the recording, someone took out the largest Ukrainian network operator
      • Sean is putting his bets on Sandworm (to be clear, that’s pure speculation) 
    • At the beginning, the big move was taking out satellites 
    • We’re also seeing Russia do a lot of influence operations to break up the people supporting Ukraine to limit their funding 

2024 Infosec Predictions

  • Large Language Models (LLMs)
    • OpenAI and all of the other companies making all these models – it’s exploded onto the scene and it’s not going anywhere
    • Microsoft Security Copilot – in beta right now
      • It has real-time plugins and can do queries 
    • Where are we going?
      • This plugin architecture helps LLMs move into the future, and we predict we’ll see them handle a dozen plugins or more, which will make these models adaptable to different parts of society
    • We’ll see LLMs deployed in Marketing to query the web to create content automatically to create collateral personalized to specific people in that company, but it will all be AI
      • Once Marketing figures it out, phishers will take advantage as well 
      • Daniel thinks the technology is pretty cool, but whatever you upload is part of the LLM and is accessible to other people and we haven’t seen the worst of that yet
    • We also did not predict people would make end of year predictions with ChatGPT :) 
  • Bad actors will use LLMs to go through the codebase and find all the zero days and get exploits out immediately
    • The prediction is that will ramp up the number of zero days and the pain in patches 
    • Joe St Sauver talked through this idea originally 
    • Sean thinks we’ll have a problem keeping up with patches in 2024 
  • Ransomware
    • More and more ransomware actors will move away from encryption and go to the extortion piece of the process
      • This was substantiated on a forum with Conti 
      • We’re going to see just pure extortion – seems plausible to Tim 
      • We haven’t yet seen a major story about a victim only having pure extortion, it likely has happened, but we haven’t seen a huge story about it 
      • Daniel thinks that has a high likelihood of happening
        • But you will see more exfil because in order to extort, you need to make the claim that you can do that 
        • Seems like DNS-oriented forensics is needed in this example
  • ALPHV reported to the SEC that a company they hacked did not report the hack to the SEC
    • Takes a certain kind of courage to do that 
    • If you are a publicly traded company, you have 4 days to report a hack 
    • Prediction is we’ll see APTs pretending to be ransomware to steal a doc or two, just to submit the filing to the SEC to cause pain and issues with the SEC and just drain resources
    • This is just an explosion of process that will cause folks to not do too great 
    • It’s a new denial of service – we’re calling it Tattletaleware or Snitchware 
  • What we’ve seen in the last year or two is the commercialization of ransomware
    • Is the ransomware community maturing to support specializations?
    • Prediction is there will be strife in the ransomware community
      • Will we see people backstabbed? Sean thinks we’ll see some of that
      • There’s no regulatory commission in the underground community 
      • The larger the community becomes, the more inevitable in-fighting is
      • Some of these actors already tear each other down in forums and that will continue, but the question is, does that make life easier for defenders?
        • We’re not sure, but mostly the ransomware ecosystem is Russian right now, but China and Iran are moving into it. 
        • North Korea is moving more into it – they’re willing to explore and test and there’s something there 
        • We’ll see other large communities interact with the Russian community 
  • Deepfakes as a service
    • That’s something in the whole AI wake because it’s capable of generating picture content as well as samples from sound
      • There’s something going around in the high school population where there are programs that aren’t difficult to access and take a picture of someone clothed and make the image unclothed and it’s very realistic looking 
      • It’s either for revenge or because they think it’s funny – even though it’s not real, it’s horribly embarrassing and that’s one of the dark sides of this 
      • Like anything on the Internet, anything that can be abused will be abused 
    • If there’s a way to make money off it, you’ll see it as a service 
    • There are now services that will take the likeness and sound of a loved one as they’re going through end of life care and build a chatbot so you can communicate with your loved ones after they pass away
      • That’s not a deepfake, but it’s something interesting and it moves into deepfake territory because what if you do it with someone alive?
      • For people who share a lot on social media, that will be a feeding frenzy 
    • Imagine the PR damage if the leader of a company looks like they’re saying something outrageous
      • The prediction is companies will want to keep leaders out of the public eye to give as few video or voice samples as possible
      • Tim can see a company saying, this person has kept a low profile in the leadership chain, so let’s keep it that way 
    • Sean predicts that a company will use deepfakes as a reason to bring everyone back to the office
      • This is 100% FUD, but he could see a company using that as the excuse to bring everyone back to the office because you can’t do a deepfake if everyone is in the office 
    • 2024 is a US presidential election year along with important Senate races as well
      • Tim thinks that a deepfake will make its way into a traditional media campaign like TV 
      • Will it happen on a national level? Maybe not, but it could happen in some way 
      • People take things out of context already, this could supercharge that 
    • Firehose of falsehoods
      • The idea is to sow fear and doubt into those who challenge your authority 
      • Everything you share has some nuggets of truth and it all sounds credible
      • It’s enough for people to fall off the path of what’s true and social media has amplified it 
      • This is part of Russia’s current playbook with NATO and for stopping funding to Ukraine
      • There are full-on playbooks on how to operate – it’s down to a science 
      • The study of misinformation or disinformation will be a major field of study over the next decade 
  • The really big important prediction
    • How long will Taylor Swift and Travis Kelce make it as a couple?
      • Daniel has .75 which is the equivalent of 9 months starting in January 
      • Tim went with 3 years even – thinks that will be the longer side of what people think about this
      • Sean wrote 1 or 10+
        • He does think this was big sports and big music collaborating to get her fans to watch football and buy things and all football fans to go to the movies and concerts – it’s convenient in that way 
        • Sean thinks Travis is 100% smitten and hopes Taylor is happy
          • She will be the one to break it off 
          • And if she’s all in, they’re in for 10+ years 
      • She’ll get a song or a full album out of this 

That’s about all we have for this week. You can find us on Twitter @domaintools, and all of the articles mentioned in our podcast will always be included on our podcast recap. Catch us Wednesdays at 9 AM Pacific time when we publish our next podcast and blog.

*A special thanks to John Roderick for our incredible podcast music!