The Ministry of Science and ICT predicts an increase in cybersecurity threats next year as AI specialized in hacking and malware distribution becomes widely used as a means of cyberattacks.
On the 18th, the Ministry of Science and ICT and the Korea Internet & Security Agency (KISA) released an analysis of this year’s cyber threat cases and forecasts for next year’s cyber threats. Based on a collaborative analysis with experts from domestic and international information security companies like AhnLab, Google, and Microsoft, the ministry identified four major cyber threats for next year: the “full-scale utilization of generative AI by attackers,” “increased cyber threats to digital convergence systems,” “potential rise in cyber threats due to global environmental changes,” and “increase in indiscriminate DDoS attacks.”
There is an expected rise in cyber threats based on generative AI. Models like ChatGPT, as well as domestic models, are being used widely as hacking tools to create malware upon hackers’ requests. Malicious models specialized in cybercrime, such as FraudGPT and WormGPT, are being distributed via the dark web.
Furthermore, the Ministry of Science and ICT anticipates increased cyber threats targeting digital convergence technologies and services like autonomous vehicles, smart buildings, and transportation systems. They express concern that worsening global conflicts, such as the Ukraine-Russia war, could lead attackers to instigate socio-political unrest through cyberattacks on government agencies and infrastructure, thereby heightening public anxiety.
Given the observed increase in DDoS attacks this year, a continuous rise is expected next year, affecting government, public agencies, and private companies indiscriminately. The Ministry advises companies to take pre-emptive measures and recommends those lacking resources in cybersecurity personnel and facilities to use KISA’s “DDoS Cyber Shelter.”
This year also saw a surge in cyber fraud cases disguised as spam and smishing, such as refund notifications from TMON and WeMakePrice or concert information of famous stars. There were also complex cyber threats involving the infiltration of software supply chains to implant malware, bypass security systems, and carry out hacking. Even traditional attack methods like ransomware have evolved into more sophisticated triple extortion tactics involving data encryption, corporate data leaks, and DDoS attacks.
Ryu Jae-myung, Director of the Network Policy Division at the Ministry of Science and ICT, stressed the importance of raising security awareness among the public and businesses and enhancing vigilance against daily cyber threats. He emphasized building more organic cooperation between the private sector and public institutions for systematic responses to cyber threats and to create a safe digital environment through proactive defense and suppression of cyber threats.