Cybersecurity experts from the SANS Institute have shared insights on the top five most dangerous new attack techniques being employed by cybercriminals and nation-state actors. The panelists presented these emerging Tactics, Techniques, and Procedures (TTPs) during a session at the RSA Conference in San Francisco, advising organizations on how to prepare for them. The SANS Institute is a cybersecurity training, certifications, degrees, and resources provider aimed at empowering cybersecurity professionals with practical skills and knowledge.
The five attack vectors highlighted were adversarial AI, ChatGPT-powered social engineering, third-party developer, SEO, and paid advertising attacks. The experts recommended an integrated defense-in-depth security model, layered protection, and automation of critical detection and response actions to tackle adversarial AI attacks. For ChatGPT-powered social engineering, organizations need to foster a culture of cyber vigilance across the enterprise. To tackle third-party developer attacks, organizations must work closely with software developers to align security architectures and share threat intelligence. The increasing sophistication of SEO and paid advertising attacks highlights the need for scalable user awareness training programs tailored to new threats.