Cyber experts predict the cybersecurity challenges of 2024. This year, they took a unique approach by delving into Dark Web forums to identify trending discussions among hackers. Hacking courses leaked nudes, and the use of AI in scams are among the most discussed topics on dark web forums.
"Every year we try to predict sophisticated attacks from experienced hackers, mostly targeting companies or influential people," said Marijus Briedis, CTO at NordVPN. "This year's approach helped us realize that regular Internet users are often attacked by amateur hackers who are still developing their craft. They can also do a lot of damage to their unsuspecting victims, and users need to be aware of their plans."
The top five predictions made by the cybersecurity experts at NordVPNare, are based on what hackers are talking about online.
Leaked nudes will trend on the dark web
Among the most commented threads on the forum were those about leaked nudes from OnlyFans, Instagram, and other content-sharing platforms. The leaked nudes threads received nearly 1,850 comments and were among the top 20 most commented threads on the forum.
"This means that next year we will see even more attacks where pictures of naked people are leaked. Another way criminals can go is to use AI or deepfake technology to create fake nudes to trick their buyers," says Marijus Briedis.
To avoid having images leaked online, Warmenhoven recommends not sending photos via social media and using encrypted cloud solutions when sharing photos.
AI will help hackers
Hacked ChatGPT accounts and tutorials on how to use AI for attacks are very popular among hackers. This means that not only are AI users on the radar, but hackers are learning how to use AI to increase the capacity of their work and make their jobs easier, faster, and more effective.
"The use of AI tools will facilitate the automation of a significant portion of phishing attacks, and the frequency of such attacks is expected to increase in the future, posing a significant cybersecurity threat," Briedis says.
He also mentions that users who are unsure of their ability to identify phishing emails can use browser extensions created for this purpose.
The number of amateur hackers will grow
Every tenth post on the forum was about learning how to carry out some kind of attack. Among the most commented threads were: "How to dox", "List of useful resources for pentesters and hackers", "How to hack your friend's WhatsApp by sending a single ink", "How to instantly crack TikTok accounts easily", "WiFi hacking course", and others.
This means that hackers are sharing their knowledge, and we can expect the number of amateur hackers to increase along with the number of attacks they carry out. As a result, users should take their cybersecurity education even more seriously and keep abreast of the latest attacks.
Customer data will sell like hot cakes
Researchers found that about 55% of discussion threads were about leaked customer data, such as social media credentials, driver's licenses, addresses, emails, and other personal information. This means that hackers are still after vulnerable personal information, and no user is safe from hacking.
Warmenhoven says the simplest thing users can do to protect their online data is to use MFA (multi-factor authentication) wherever possible.
Biometric authentication isn't the answer
Many platforms that care about their users' security now offer biometric authentication. However, research has shown that hackers have already learned how to bypass some of the biometric authentication methods, such as the selfie verification that some crypto platforms use. The thread explaining how to bypass selfie verification collected more than 200 comments.
"Biometric authentication will certainly be a part of authentication in the future, but only if it is multi-factor," says Marijus Briedis. "So not only can we predict that biometric authentication will turn out to be unreliable, but that more layered ways to protect online accounts will emerge."
One of the latest developments in this area is passkey technology. A passkey is a pair of related keys: public and private. Public and private keys do not work without each other, making them useless to hackers. In addition, the passkey on your device (private key) cannot be accessed without biometric identification (of the device owner) or a PIN, which provides additional protection.
