Cybersecurity firm Palo Alto Networks has released its latest Asia Pacific cyber security report.
The report, titled Palo Alto Networks Asia Pacific Cybersecurity Predictions 2024 said that artificial intelligence (AI) technology is a double-edged sword in network security. It can be beneficial to cyber security professionals, while also being a boon to hackers.
Enterprise-level protection mechanisms are expected to mature further, including the integration of cybersecurity mechanisms into the lifecycle of development projects. Meanwhile, operational technology (OT) environments remain high-risk targets for hacking.
US-based Palo Alto Networks has recently expanded its investment in Taiwan with the announcement of a Taiwan cloud data center in 2023. The company stressed that compliant data does not leave the country.
It is understood that the company is leasing space from a Google data center. They have not built their own data center.
The report shares several key points on network security trends, including radical hacker activism, the dual-edged nature of AI, and OT as a vulnerable attack target. The report also talks about the importance of tool integration for improved network security and security in multi-cloud and hybrid-cloud environments.
Palo Alto Networks points out that there have been cases where attackers used generative AI to forge images and voices, successfully defrauding banks of millions of dollars. As the use cases of generative AI increase, attackers will continue to exploit security vulnerabilities in innovative technologies for malicious purposes.
Other experts have also warned that AI may exacerbate the spread of misinformation. With many countries holding important elections in 2024, particularly the U.S. presidential election in November, the impact of AI applications on elections around the world has become a key focus of observation.
Palo Alto Networks states that as threats increase, the use of enterprise-grade generative AI protection mechanisms will mature. This includes integrating cybersecurity controls, vulnerability management, and threat monitoring activities into the lifecycle of AI projects.
Generative AI can be used to organize cybersecurity events. It can provide summarized key points more efficiently than human analysts.
However, users need to guard against model poisoning, data leaks, injection attacks, and other security vulnerabilities. As the use cases increase, attackers will continue to exploit security vulnerabilities.
OT environments remain susceptible to attacks. Palo Alto Networks points out that as the integration between IT and OT increases, the attack surface expands.
The report calls for the adoption of a zero-trust architecture. This helps protect most critical OT systems from threats, it added.
Regarding radical hacker activism, Palo Alto Networks notes that there were multiple incidents in 2023 where programs were disrupted for social activists. Such protest actions in 2024 may primarily be initiated in a digital format.
Most radical hackers initiate actions through distributed denial-of-service (DDoS) attacks. During the G20 summit in India, over 30 radical hacker groups from neighboring countries or regions launched DDoS attacks and website defacements against over 600 government and private websites.
Additionally, Palo Alto Networks observed that the average enterprise uses 31.58 cybersecurity tools, often with unrelated and disorderly functions, making it difficult for enterprises to grasp the complete cybersecurity situation, weakening the ability to detect and respond to threats.
Other cybersecurity experts have said that large enterprises in Taiwan typically purchase over 50 cybersecurity solutions, while small and medium-sized enterprises use around 30. How to integrate and manage through a single platform, provide a visualized war room interface, and AI-empowered automation tools are all key development focuses for the cybersecurity industry.
Palo Alto Networks' threat intelligence group, Unit 42, stated that the average time for cybersecurity teams to resolve alerts is six days. Attackers can find security vulnerabilities and launch attacks in just a few hours, the group added.
Companies that cannot integrate various cybersecurity tools will find it challenging to deploy automation and collaboration, the group said. The excessive purchase of tools becomes the most significant obstacle to shortening detection and response times it added.