Every year around December, analysts at NordVPN, a double encryption VPN services provider used by millions globally, try to predict the cybersecurity risks waiting for the next year. This year the company is offering a different perspective by analyzing the content and threads on the most active dark web forums, to find out what were the most discussed topics to base their predictions on their findings.
“Every year we try to predict sophisticated attacks from experienced hackers, who mostly target businesses or influential people,” says Marijus Briedis, a CTO at NordVPN. “Taking a different approach this year helped us realize that regular internet users are often attacked by amateur hackers who are still developing their craft. They can also cause a lot of harm to their unsuspecting victims and users need to be informed about their plans.”
Below you will find the top five predictions made by cybersecurity experts at NordVPN based on what hackers talk about online.
Leaked nudes will be trending on the dark web
The most commented threads on the forum included those about leaked nudes from OnlyFans, Instagram, and other content-sharing platforms. Threads about leaked nudes received almost 1,850 comments and were among the top 20 most commented threads on the forum.
“This means that next year we will see even more attacks, where pictures of naked people will be leaked. Another route criminals can take is using AI or deepfake technology to create fake nudes to trick their buyers,” says Marijus Briedis.
To avoid having pictures leaked online, NordVPN recommends abstaining from sending photos through social media platforms and using encrypted cloud solutions when sharing photos.
AI will help hackers:
Hacked ChatGPT accounts and tutorials on using AI for attacks are very popular amongst hackers. Hackers are learning how to use AI to increase the capacity of their work and make their job easier, quicker, and more effective.
“The utilization of AI tools will facilitate the automation of a significant portion of phishing attacks, and it is anticipated that the frequency of such attacks will escalate in the future, posing significant cybersecurity threats,” says Briedis. He also mentions that users who are unsure they can identify phishing emails can use browser extensions created to serve that purpose.
The number of amateur hackers will grow:
Every tenth post on the forum was about learning how to execute some kind of attack. Among the most commented threads were: “How to dox,” “List of useful resources for pentesters and hackers”, “How to hack WhatsApp of your friend by sending a single link,” “How to instantly crack TikTok accounts easily,” “WiFi hacking course,” and others.
Hackers are sharing their knowledge and we can expect the number of amateur hackers to rise together with the number of attacks they execute. Users should be even more serious about their cybersecurity education and keep themselves updated about the latest attacks.
Customer data will be a hot seller:
Researchers found that around 55% of discussion threads were around leaked customer data, such as social media credentials, driver licenses, addresses, emails, and other bits of personal information. This means that hackers are still after vulnerable personal data and no user is safe from hacking. NordVPN suggests a simple thing users can do to protect their online data is to use MFA (multi-factor authentication) wherever possible.
Biometric authentication won’t be the answer:
Many platforms that care about the security of their users now provide the ability to authenticate biometrically. However, the research showed that hackers have already learned how to bypass some of the biometric authentication methods, such as the selfie verification that some crypto platforms use. The thread explaining how to bypass selfie verification collected more than 200 comments.
“Biometric authentication will surely be a part of authentication in the future, but only if it is multi-factor,” says Marijus Briedis. “Biometric authentication will show itself to be unreliable on its own, so more layered ways to protect online accounts will appear.”
One of the latest developments in the sphere has been passkeys technology. A passkey is a pair of related keys: public and private. Public and private keys do not work without one another and therefore are useless to hackers. Moreover, the passkey on your gadget (private key) cannot be accessed without biometric identification (of the device’s owner) or a PIN, which adds extra protection.
The bottom line to all of this is that if you are feeling that second layer authentication such as a series of numbers texted to your phone to be entered into a website is frustrating, it’s the lesser of two evils if it protects hacking and identify theft.
To stay safe in 2024, use two-tier authentication, keep all your applications and operating software up to date and think about using a VPN as it makes tracking your online activity virtually impossible.