The developments we saw in cybersecurity this past year—especially in email security, which is our area of expertise—were mostly high profile, with a few unexpected anomalies coming in under the radar. The rise of generative AI and natural language generators like ChatGPT was a huge catalyst in changing the way that nefarious actors create threats, but that wasn’t the only notable development that is changing the market. At least one new occurrence gained momentum later in the year and still needs to be addressed for 2024.
AI of course has been creeping up on us for many years; the ChatGPT platform just provided a more practical platform for the public (and cybercriminals) to put this technology to use. Our team came across a more unexpected finding in our year-end research, the kind that sneaks up on IT managers and therefore usually causes a high degree of damage, since companies have to scramble to find a fix.
Uptick in “Quishing”
While conducting hundreds of proof-of-concept scans of security networks, Trustifi analyzed the data of 1.3 million emails over 2023. We noticed a disturbing trend toward the end of the year. There was a sharp increase in phishing schemes that utilized QR codes instead of traditional embedded links or linked attachments. From July to September alone, we saw a spike of close to 250% of these phishing attempts, with QR codes appearing either within the body of the email or (less frequently) as an attachment.
QR codes circumvent many traditional email solutions’ filters, since they are treated as ordinary images by most cybersecurity solutions. Some of the market’s most prominent security vendors—especially those who still rely on SEG-based filtering and white/blacklisting of malicious IP addresses—don’t have tools that can identify QR codes. This is likely the reason for the spike: Malicious actors have realized that malicious QR codes are often undetectable by cybersecurity efforts. This trend will surely continue through 2024, so ISVs need to create ways to squelch this tactic, creating mechanisms that can recognize and flag threat-harboring QR codes.
WormGPT and FraudGPT
In 2023, generative AI platforms gathered users in record numbers. It was immediately acknowledged that ChatGPT would make it easier for criminals to write malicious code and launch convincing, well-composed phishing attacks far more rapidly than ever before, leading to a watershed of threats aimed at network inboxes. Not only did hackers quickly create new ways to circumvent ChatGPTs safeguards, it didn’t take long for criminals to adapt this technology purely for their own purposes, introducing Large Language Models (LLM) such as WormGPT and FraudGPT specifically to create malware. Subscriptions for this software can be easily purchased on the dark web at prices that have been quoted at anywhere from $60 a month to $1,000+.
The challenge is now put to ISVs to prioritize AI-powered cybersecurity tools that will combat these threats with the same level of technological sophistication. Their solutions must leverage AI algorithms to interpret text and flag keywords or even images that indicate business email compromise, a phishing attempt, or a brand imposter attack.
Ease of software management
We’ve seen more interest in the IT channel for the ability to easily manage security software licenses over multiple end-clients. This allows managed services providers to more easily accommodate a multitude of clientele, duplicating and/or customizing plans, policies, and rules in a multi-tenant environment. Dashboard features that give MSPs visibility over multiple end-user security plans, with one-click and drag-and-drop features, are highly in demand. The ability to manage a greater volume of clients more effectively allows these MSPs to grow and increase their revenues, leading to a more prosperous channel.
According to a Cybersecurity Ventures report, cybercrime was predicted to cost the world $8 trillion in 2024 (USD). With some diligence and attention to specific goals for the year, ISVs and developers can potentially help companies avert these cyber pitfalls, and can also make it easier for solution providers to manage their cybersecurity—all through bespoke, next-generation advancements in software design.