IQSEC Expects AI Cyberattacks to Increase in 2024

Cyberattacks orchestrated by Artificial Intelligence (AI) are projected to surge in 2024, posing a potential threat to organization's operational continuity by targeting the vulnerabilities of emerging technologies during 2024, according to IQSEC. This surge in AI-driven attacks has the potential to undercut organizations' enthusiasm for adopting emerging technologies, as it exposes them to an elevated risk of cyberthreats. 

“AI is playing a leading role in cybersecurity, but also an antagonistic one, creating new attack vectors through its misuse. With generative AI, for example, phishing attack techniques are being perfected, personalizing fake emails that go unnoticed due to the level of detail in duplicating domains,” explains Felipe Méndez, Lead Solutions Architect for Cybersecurity, IQSEC. 

Egress’ 2023 Phishing Threat Trends Report reveals a noteworthy evolution in attack methodologies,  reflecting a shift towards more sophisticated cyberattacks capable of eluding traditional cybersecurity solutions. According to the report, the success rate of phishing attacks targeting the Secure Email Gateway (SEG) has increased by 29% since 2022. Phishing attacks originating from compromised accounts have also increased, 11% in comparison to the previous year. IQSEC attributes these surges to the growing sophistication of attacks enabled and bolstered by AI.  Other contributing variables include low cybersecurity awareness and the digitalization of transactions in and across Latin America. 

Artificial Intelligence is contributing to the rise of highly convincing deepfakes, significantly impacting AI-driven fraud. Identity fraud has notably increased from 0.48% in 2021 to 1.27% in 2023, explained Mendez. In fact, Sumsub's Identity Fraud Report 2023 revealed a 700% growth in deepfake incidents in Mexico, 2023. In the broader Latin American context, Mexico ranks fourth in the frequency of deepfake attacks, with Brazil leading at 49.6% of all registered deepfake-related attacks in the region.

These statistics underscore the salient impact of AI-powered technologies in amplifying the malicious activities of cybercriminals. Therefore, as 2024 approaches, IQSEC cybersecurity experts anticipate a heightened intensity in AI-driven threats, extending into critical digital landscapes such as the Cloud, IoT, and supply chains as well. According to Jack Chapman, Threat Intelligence VP, Egress, “[w]ithout a doubt chatbots or large language models (LLM) lower the barrier for entry to cybercrime, making it possible to (...) generate malware that less capable coders could not produce alone.” 

To mitigate the expanding surface of cyberattacks due to digitalization and the proliferation of IoT devices, organizations are actively increasing their spending on cloud-related initiatives by 20.4%, as reported by Gartner. However, the situation may become more precarious, as Gartner predicts an additional connection of 16,500 million IoT devices by 2025. This development raises concerns among organizations regarding the resilience of devices in adhering to cybersecurity standards.

To effectively tackle AI-powered threats, IQSEC advises organizations to adopt a proactive cybersecurity strategy. This involves using advanced AI technologies, analytics for early threat detection, and prioritizing continuous training for personnel. Additionally, organizations must also conduct "comprehensive assessments of potential vulnerabilities in the Internet of Things (IoT) and seek integrated solutions to ensure the integrity and confidentiality of information throughout their supply chains", reads an IQSEC press release.