Page 134 - Cyber Defense eMagazine July 2024
AI Spear Phishing Tool Sales Boom on the Dark Web
While AI/ML may still only account for a fraction of attacks, during 2024 we expect to see threat actors
really begin experimenting with AI attack tools and start to sell them on the underground. We foresee a
boom in the emerging market for automated spear phishing tools, or a combination of tools, on the dark
web. Spear phishing is one of the most effective tactics attackers have to breach networks. However,
traditionally it has also required a massive amount of manual work to research and target victims. There
are already publicly available tools for sale on the underground to send spam email, automatically craft
convincing, targeted text when equipped with the right prompts, and scrape the Internet and social media
for a particular target's information and connections. But a lot of these tools are still manual and require
attackers to target one user or group at a time. Well-formatted procedural tasks like these are perfect for
automation via AI/ML. During 2024, we expect to see at least one AI/ML-based tool that helps automate
spear phishing show up for sale on the underground.
AI-Based Vishing Takes Off in 2024
Voice phishing (vishing) increased over 550% YoY between the first quarter of 2021 and Q1 2022.
Vishing is when a scammer calls you pretending to be a reputable company or organization or even a
co-worker (or someone's boss) and tries to get you to do something they can monetize, such as buying
gift cards or cryptocurrency on their behalf.
The only thing holding this attack back is its reliance on human power. While VoIP and automation
technology make it easy to mass dial thousands of numbers and leave messages or redirect victims
unlucky enough to answer, once they've been baited to get on the line, a human scammer must take
over the call to reel them in (so to speak). Many of these vishing gangs end up being large call centers
in particular areas of the world, very similar to support call centers, where many employees have fresh
daily scripts that they follow to socially engineer you out of your money. This reliance on human capital
is one of the few things limiting the scale of vishing operations.
We predict that the combination of convincing deepfake audio and large language models (LLMs)
capable of carrying on conversations with unsuspecting victims will greatly increase the scale and volume
of vishing calls we see in 2024. What's more, they may not even require a human threat actor's
participation.
MSPs Double Security Services via Automated Platforms
The last full-year estimate pegged the global number of unfilled cybersecurity jobs at 3.4 million, a figure
that surely grew substantially in 2023. Adding fuel to the fire, cybersecurity has a burnout problem (pun
intended), which is why Gartner predicts nearly 50% of cybersecurity leaders will change jobs,
contributing to a “great cybersecurity resignation.” With so many unfilled cybersecurity positions, how will
the average small to midmarket company protect itself?
The answer is managed service and security service providers (MSP/MSSPs). MSPs will enjoy significant
growth in their managed detection and response (MDR) and security operations center (SOC) services