Samsung SDS Announces “AI-driven Security Threat” as Top Issue of Cybersecurity in 2024

+ Selected five major security threats including AI-powered hacking, cloud security threats, breach of sensitive data, ransomware attacks, and network security threats
+ To ensure enterprise-wide security through the company’s AI service platform FabriX and zero trust-based security operation service

Samsung SDS analyzed cybersecurity issues that occurred throughout the world in the previous year, and selected five major cybersecurity threats to be aware of in 2024.

The five major cybersecurity threats of 2024 include ▲ AI-driven security threats, ▲ cloud security threats in hybrid environments, ▲ breach of key data including personal and sensitive information, ▲ continuously-evolving ransomware, and ▲ network security threats resulting from the expansion of cyberattack targets.

The analysis reflected the survey results of around 700 security experts working at major Korean companies in IT, manufacturing, finance, logistics, and accounting industries and the public sector, and also presented response measures based on the company’s experience in global security operations and technological capabilities.

■ AI-driven security threats
As technologies powered by generative AI rapidly spread across industries, new types of security threats are emerging as well. Hackers are exploiting generative AI, such as “WormGPT” or “FraudGPT,” to easily create massive volumes of malicious code to stage cyberattacks. To effectively respond to such attacks, companies need to secure cyber defense technologies including AI-enabled malware analysis and automatic threat identification.
* WormGPT : dark-web version of ChatGPT, a generative AI-based tool for cybercrimes
* FraudGPT : AI-based phishing tool

■ Cloud security threats in hybrid environments
Hybrid environments customized for enterprises are prone to security vulnerabilities due to their complex security configurations and management areas. Companies should thus adopt a cloud native application protection platform (CNAPP) that protects the entire cloud native environment to pre-emptively detect cloud security threats and ensure visibility across the hybrid environment. In particular, they should review key compliance regulations and swiftly identify misconfigurations in order to address security vulnerabilities.
* CNAPP : Cloud Native Application Protection Platform

■ Breach of key data including personal and sensitive information
Data leakage routes and attack methods are becoming more diversified, while the leaked data are traded on the dark web, even causing secondary damage. Companies should thus establish business processes and employee compliance regulations, and systematically manage preventive measures for data loss and copyright issues to prevent data leakage and prepare regulatory responses in advance.

■ Continuously-evolving ransomware
As ransomware-as-a-service (RaaS) is increasingly being commercialized and used for cybercrimes, attacks using initial access brokers (IABs) are on the rise. Companies need to build security resilience by eliminating security vulnerabilities and strengthening endpoint security to protect data and assets and minimize damages from business suspensions during ransomware attacks.
* RaaS (Ransomware as a Service) : ransomware offered in the form of a service, which allows users to carry out ransomware attacks without expertise in programming
* IAB (Initial Access Broker) : a broker providing or implementing initial access routes

■ Network security threats resulting from the expansion of cyberattack targets
The acceleration of digital transformation has led companies to expand their work environments into cloud and mobile spaces, in turn broadening the targets of attacks to be exploited by hackers.

To effectively cope with network security threats, the zero trust security model should be applied to ensure that the authority to access systems and data is granted only after completing the user authentication process. Moreover, there is an increasing use of threat intelligence (TI), a technology for automatic detection, analysis, and blocking of cyberattacks that can pre-emptively reduce attack targets.
* Zero Trust : a security model based on the principle of “never trust, always verify”
* TI (Threat Intelligence) : a technology that automatically detects, analyzes, and blocks cyberattacks

Furthermore, the use of generative AI is increasing exponentially, but companies remain hesitant to expand its use due to concerns over the leakage of sensitive information. To address this, Samsung SDS introduced its AI service platform, FabriX, which enables the rapid and convenient application of generative AI to enterprise work systems and also offers an AI filtering feature that detects and shuts off sensitive information.

SangKyung Byun, Vice President and Leader of Security Technology Office at Samsung SDS, said, “Security threats from complex work environments involving generative AI and cloud must be addressed in terms of enterprise-wide crisis management.” He also stressed, “The adoption of zero trust-based solutions and services is essential for strengthening security in corporate management.”

Meanwhile, Samsung SDS has been named a major player in cloud security in MarketScape Worldwide and APAC reports by global market research firm IDC since 2021, earning global recognition as a leading company in security operations.