Google’s 2024 cybersecurity forecasting report delves into how generative AI and large language models (LLMs) will enhance phishing and social engineering operations by creating more convincing content, including voice and video.

It highlights how smarter generative AI prompts can empower attackers to create fake news, fake phone calls, and deep fake photos and videos. These ‘fakes’ are likely to enter the mainstream news cycle, posing a threat to public trust in information in 2024. The scalability of such information operations could lead to heightened scepticism or a loss of trust in what people see and read, complicating engagement for businesses and governments.

Generative AI and related technologies can empower cyber defenders to enhance the scale and efficiency of adversary detection, response, and attribution. Additionally, these technologies have the potential to expedite analysis and streamline time-consuming tasks like reverse engineering.

The report goes into detailed insights on anticipated global and continental cyber threat activities. It underscores the predominant role of the four major countries—China, Russia, North Korea, and Iran—in cyber threats.

The report makes 15 global forecasts for 2024 in cybersecurity:

  1. Continued use of zero-day vulnerabilities (and edge devices)
  2. Cyber activity targeting U.S. elections
  3. Rise of disruptive hacktivism
  4. Wipers have become a standard capability in all nation-state cyber arsenals
  5. Targeting of space-based infrastructure
  6. Attacks targeting hybrid and multi-cloud environments mature and become more impactful
  7. Serverless services in the cloud are more heavily used by threat actors
  8. Extortion operations continue
  9. Espionage and “sleeper botnets”
  10. Revival of ancient techniques
  11. Continued migration to modern programming languages by malware authors
  12. Developers targeted in supply chain attacks via software package managers
  13. Growing prevalence of mobile cybercrime
  14. Cyber insurance premiums remain steady
  15. Consolidation around SecOps


Read the report