Kaspersky has released a new report that offers insight into the advanced persistent threats landscape for 2024. The report predicts that existing APT techniques will continue to be used, and new methods will likely emerge, including increased AI usage, hacktivism, and targeting of smart home technology. It also anticipates the rise of new botnets, rootkits, and hacker-for-hire services. Kaspersky warns that APT attackers may expand their surveillance efforts to include smart home technology devices, such as cameras and connected car systems. Additionally, the report predicts an increase in the use of botnets to obscure the targeted nature of attacks and to mask attackers’ infrastructure. It also suggests that there will be an increase in the deployment of kernel-level code, with threat actors empowered by factors such as extended validation certificates and stolen code-signing certificates. Kaspersky also expects more hacktivism tied to APTs and an increase in supply chain attacks as a service. The report warns of more groups in the hack-for-hire business and an increase in the use of AI for spearphishing. Additionally, Kaspersky predicts an increase in attacks on Managed File Transfer systems. To mitigate the risk of APT attacks, the report recommends using solutions such as extended detection and response, security information and event management, and mobile device management systems in a corporate environment. It also advises implementing strict access controls, multifactor authentication, network segmentation, and having an up-to-date incident response plan.
