The company’s research laboratory ESET analyzed the cybersecurity trends that will affect the region’s scenario in 2024. The impact of artificial intelligence (AI), cybercrime in messaging applications, espionage campaigns and banking Trojans are among the most notable.

“In Latin America’s dizzying digital landscape, next year will be a challenging year for cybersecurity. As technology advances, so do cyber threats, which require strategic responses to protect the integrity of data and systems,” said Camilo Gutiérrez Amaya, head of the ESET Latin America Research Laboratory.

According to this research, the cybersecurity trends for the region in 2024 are:

Impact of AI on cybersecurity: With the advancement of ChatGPT and other applications that integrate generative artificial intelligence technologies, an opportunity opens up to strengthen cybersecurity.

On the positive side, the implementation of advanced language models could significantly increase cybersecurity capabilities: artificial intelligence would improve threat detection, through systems that learn behavioral patterns and identify anomalies more accurately.

However, the same technology could be used by malicious actors to orchestrate even more sophisticated social engineering-based attacks. Generative artificial intelligence algorithms have shown how easy it can be to generate automated emails, messages, or phone calls that convincingly imitate legitimate users. An increase in these types of attacks can therefore be expected by 2024.

Cybercrime in messaging applications, from the darkness to the surface: Surveillance for suspicious activities is expected to intensify on messaging apps like Telegram and similar platforms as cybercrime has expanded its reach from the dark web to mainstream messaging apps. This expansion underlines the need to adapt security strategies to address the dynamic cybercrime landscape.

“The main challenge will lie in finding an approach that succeeds in harmonizing digital security with the preservation of individual freedom. Finding this balance becomes a central element for cybersecurity strategies, seeking to ensure protection against emerging cyber threats without compromising users’ privacy and freedom.”, Gutiérrez Amaya stands out.

Commodity malware and its use in espionage campaigns in the region: In recent months, the region has seen a significant increase in malicious campaigns using common malware, mainly the use of RAT-type threats, with the aim of obtaining valuable information and generating economic benefits.

In this context, security strategies are challenged to go beyond simply having technologies in place to identify known threats. Extensive capabilities are needed to expand the visibility of suspicious behavior that could indicate potential compromises in a system. The adaptability and learning capabilities of security teams prove to be crucial elements in keeping up with the ongoing evolution of cybercriminals.

Growth of supply chain attacks in Latin America: With the increase in the number of cases in recent years, these types of attacks also pose a growing threat to Latin America. This evolution in attackers’ strategy could allow them to more specifically target critical links in the chain, disrupting vital operations in countries in the region if adequate protection measures are not implemented.

The need to implement preventive measures is becoming imperative across the region’s supply chain, from large companies to the smallest suppliers.

This approach will be a key element to ensure the continuity and security of operations in the region in the face of the complexity and risks associated with supply chain attacks.

Latin American banking Trojans: The changes noted this year in the way banking Trojans spread and design indicate that these types of threats will continue to exist and evolve.

In this scenario, cybersecurity faces the crucial task of not only responding, but also preventing. Continuous user education becomes essential to strengthen the first line of defense against banking Trojans, and to promote awareness of secure online practices and the identification of potential risks as fundamental elements to empower users and reduce the effectiveness of the attacks. (JO)