Over the past year, technological advancements in the Asia-Pacific (APAC) region have prominently centered around artificial intelligence (AI) and cybersecurity, as observed by Darktrace. These interconnected domains carry significant implications for the future, with AI’s substantial progress through GenAI raising concerns about its applications. Simultaneously, numerous high-profile firms have grappled with the aftermath of cyber-attacks, emphasizing the critical intersection of AI and cybersecurity in both protecting against evolving threats and executing sophisticated hacks.
Global AI cybersecurity vendor Darktrace has offered predictions for 2024 concerning AI and cybersecurity in the region. Oakley Cox, Analyst Technical Director for APAC at Darktrace, sheds light on two potential developments. Firstly, he suggests that Generative AI will enable attackers to conduct phishing attacks across language barriers. Traditionally, cyber-enabled social engineering has been predominantly in English, limiting its impact in the linguistically diverse APAC region. Generative AI’s emergence reduces the barrier for composing text in foreign languages, enabling phishing attacks in local languages to circumvent traditional security measures focused on English-language emails.
Oakley also highlights a shift in perspective, noting that as AI becomes more integral to software development, defenders can leverage it to identify vulnerabilities in their software. However, this also presents a concern as AI may empower adversaries with new avenues to exploit these vulnerabilities and launch attacks.
From another viewpoint, Liam Dermody, Director of Red Team at Darktrace, anticipates a surge in ransomware attacks targeting the APAC region. He draws parallels with Central America, which witnessed a significant increase in ransomware attacks in 2022. Given the APAC countries’ rapid economic growth and businesses being relatively unprepared compared to other regions, Dermody suggests that APAC could become an attractive target for ransomware operators, especially with minimal risks posed by increased scrutiny from western governments and intelligence agencies.
Dermody also foresees an increase in Multifactor Authentication (MFA) bypass attacks. Despite the widespread adoption of MFA in cybersecurity frameworks, attackers have found ways to bypass it. He emphasizes the need to view MFA beyond the credential protection heuristic and focus on detecting unusual activities during and post-authentication, which may require leveraging AI or Machine Learning to recognize patterns of life.
In addition, Tony Jarvis, VP of Enterprise Security at Darktrace, predicts that governments will play a more active role in combating ransomware, citing the Australian government’s mandate for businesses to report ransomware activities. Nicole Carignan, VP of Strategic Cyber AI, anticipates AI researchers exploring new techniques to enhance the performance of Large Language Models without solely relying on increased computing and data resources. Finally, Philip Sellars, a Machine Learning Researcher, suggests that minimizing AI hallucinations will be a significant focus in 2024 with the expanded deployment of generative AI tools.