DigiCert has published a list of predictions for 2024 in the area of digital trust. These predictions underscore the emerging importance of trust in content, software supply chains, and devices, the need to plan for a transition to quantum-safe cryptography, and the emerging role of the Chief Digital Trust Officer in pairing trust investments with business objectives and outcomes.
One of the key predictions relates to the growth of AI and its rapid impacts on the global threatscape: AI will shift from defense to attack, and organizations will need to prepare says DigiCert.
DigiCert states that:
In 2023, we heard a lot about utilizing AI for defensive solutions like intrusion detection and prevention systems. But in 2024, the tables will turn, with AI being used far more often for attack surfaces. Attackers will begin using AI capabilities to harvest the landscape, learning about an individual or enterprise to later generate AI-based attacks. With today’s technology, a bad actor could pick up a phone, pull basic data from LinkedIn and other online sources to mimic a manager’s voice, and perform malicious activities like an organizational password reset.
The ability to render sites on the fly based on search can be used for legitimate or harmful activities. As AI and generative AI searches continue to mature, websites will grow more susceptible to being taken over by force. Once this technology becomes widespread, organizations could lose control of the information on their websites, but a fake page’s malicious content will look authentic thanks to AI’s ability to write, build and render a page as fast as a search result can be delivered.
Just as they’re doing with PQC, leaders will need to create a strategy to combat AI threats and assure trust for public-facing websites and other key assets.