Nation-state cyber-incursion and disinformation in 2024
As we look ahead to the new year, companies are starting to make predictions on what will be big in security across 2024.
The biggest themes will include the escalating role of Artificial Intelligence (AI), the increasing ease-of-access to ransomware and cyber-extortion techniques, the issue of businesses’ rapidly-increasing attack surfaces, and the tightening of cyber-regulations around the world.
Amongst these predictions, we’ll continue to see an increase in nation-state-level cyber incursions, disruption, and disinformation.
Threats will become more distributed and democratised
Sadly, the concept of cyberwarfare is nothing new, and it shows no signs of slowing down in 2024. Across 2024 and beyond, cyberwarfare will become more prevalent as nation-state actors attack in both physical and cyber domains in parallel. Some may lean on AI to accelerate development of their cyber threats in pursuit of their political aims too, particularly in the field of disinformation, where the accessibility of large language models allows resource-constrained attackers to be far more prolific.
And it won’t be just the ‘script kiddies’ and hacktivists taking advantage of new AI tools. Against a backdrop of high-profile national elections and ongoing global conflict, more governments will use AI to their advantage, executing politically motivated attacks, hacktivism and sabotage.
Disinformation has now become a critical component of national conflict. Digital disinformation campaigns and cyber-attacks that accompany kinetic warfare have already happened. In Russia and Ukraine, war is not constrained to the physical space, and missiles are launched in tandem with cyber-attacks.
We anticipate new types of disinformation campaigns in 2024, with commercial and economic motivations, and more targeted attacks against individuals, companies’ brands and reputations.
Nation-states need to observe security fundamentals
Predictably, there’s no ‘magic button’ solution to these issues. Countering disinformation, in particular, is difficult as it requires a population-wide uplift in education, alongside implementing robust technical solutions and ensuring that platforms take active steps to remove and limit its spread.
To protect against cyber-incursions and disruption, defenders first need to anticipate the scale of certain threats, and what parts of their infrastructure should be prioritised, or may be most vulnerable. In the last few years, victims have spanned everything from water stations to national gas pipelines and voting systems. Governments need to model the threats and decide what they want to prioritise within their financial institutions, industrial capacity, their power grids, telco networks, and more – and to establish early what factors or values will inform these decisions.
There’s no easy fix for national cyber-defence. An effective national approach will largely involve observing cybersecurity fundamentals and applying them diligently and consistently. National and local bodies need to focus on the scaling-up of cyber defences and zone defence, widespread and organised knowledge-sharing, as well as enforcement of regular patching, implementation of the cyber hygiene basics, and the use of appropriate and capable security and monitoring tools.
On this point, it’s worth emphasising that AI technologies will also be available, and of enormous benefit to, defenders. We can reasonably expect various AI-assisted tools to play a major role in cyber-defence strategies over the coming years.
Lastly, cyber incursion is a matter of ‘when’, not ‘if’, so governments need to ensure they have a response plan for when incursions occur, and disruption is caused to key citizen services, industries, and institutions.
Nation-state cyber-warfare is likely to become part of our day-to-day reality, moving forward, especially as cyber criminals often follow where nation states lead. But I am confident that governments and the private sector will rise to address this challenge.
Kirsty is a Strategic Advisor in Technology and Innovation for Splunk’s EMEA region, where she provides technical thought leadership for strategic accounts.
As an experienced technologist, strategist and security specialist, she thrives on understanding difficult problems and finding creative solutions. Her long-standing mantra, after nearly a decade working in cyber security, is simple and straightforward: “Make Good Choices”.
Kirsty’s background in cyber security stems from her mathematical roots, built on by her time working for the UK National Cyber Security Centre, where she spent years specialising in security, privacy and internet technologies.