Tina Shadman, Senior Security Engineer at Adarma, makes cybersecurity predictions for 2024.
The cybersecurity landscape of 2023 demonstrated continual innovation among cybercriminals, with the National Cyber Security Centre (NCSC) reporting a significant 64% increase in cyber incident reports from the previous year. Key threats included malvertising, vulnerabilities in Internet of Things (IoT) devices, Business Email Compromise (BEC), and phishing. Many organisations grappled with securing their expanding cloud infrastructure and ensuring the security of remote workforces.
Physical threats also posed challenges, as an increasing number of threat actors adopted guerrilla-style tactics using infected USBs. Cyber extortion groups, exemplified by the LAPSUS$/DEV0537 group, became more targeted and sophisticated, employing techniques like Multi-Factor Authentication (MFA) bypass and insider recruitment.
Ransomware and social engineering emerged as the most significant threats to businesses, especially smaller and less secure organisations. The year saw a notable increase in data theft and extortion-only campaigns, such as the MOVEit and GoAnywhere attacks, which did not rely on encryption-based ransomware but instead demanded payment in exchange for withholding stolen data from public disclosure.
The threats of 2023 are expected to persist and evolve in 2024, facilitated by rapidly advancing technologies. Read on for cybersecurity predictions in 2024 and how to protect your business.
The growing prevalence of Artificial Intelligence (AI) tools suggests an increased likelihood of malicious applications, enabling cybercriminals to automate aspects of their campaigns. AI’s scalability and speed will facilitate rapid expansion of attacks across various operating systems. While AI’s commercial use aims at operational efficiency, it may inadvertently expose sensitive data, posing risks. Despite these challenges, AI will empower cyber defenders, relieving security teams and improving threat detection, marking it as a dual-force technology in cybersecurity.
In 2024, Initial Access Resale (IAR) and ransomware will remain significant threats. Digital access brokers like Ransomware-as-a-Service (RaaS) persist, enabling less skilled cyber threat actors, especially ransomware groups, to conduct sophisticated attacks.
The Cybercrime-as-a-service model, including RaaS, Phishing-as-a-Service, and Malware-as-a-Service, is on the rise, with more elaborate Tactics, Techniques, and Procedures (TTPs) and ransomware expanding to triple and quadruple extortion methods. LockBit emerged as a prominent ransomware group in 2023, targeting banks, governments, and law firms. The year ahead anticipates an escalation of extortion techniques, highlighting the evolving and complicated nature of cyber threats.
BEC evolves, targeting vendors with tailored phishing. AI plays a prevalent role in offence and defence, aiding reconnaissance and code obfuscation. Collaboration tools amplify communication but introduce new threat vectors, elevating the risk of insider threats. As IoT malware spreads, a shift to behaviour-based analysis and risk-centric alerting becomes crucial for adaptive cyber defences against multifaceted threats.
Supply chain attacks emerged as a central focus for cyber adversaries exploiting interconnected networks. Notable breaches strategically targeted major corporations’ supply chains, seeking to compromise systems and data at diverse stages in the production and distribution process. This makes it fundamental to thoroughly vet third-party suppliers.
APTs and nation-backed threat actors are expected to take advantage of geopolitical situations to facilitate cyber-attacks, targeting governments, media, transportation networks, energy sectors, and health organisations to disrupt economies.
Blockchain’s decentralised structure promises real-time data transfers but introduces risks like data interception and compromised private keys. The potential of quantum computing to solve complex problems rapidly raises concerns about breaching cryptographic defences. AI can aid future cyber defences by creating post-cryptography and encryption solutions.
Implementing a threat-based approach in securing digital environments involves continuous collaboration to comprehend business drivers, changing priorities, and current events. Understanding prevalent threat actor TTPs within specific sectors helps anticipate potential threats.
Analysing threat actor motivations, sector-specific targets, and global conditions aids in preparing customers for emerging trends. Tailoring security solutions means accounting for the differing priorities and processes of small businesses and large corporations.
Assessing customers involves crucial considerations like sector, organisation size, global presence, cloud/on-prem assets, business drivers, and compliance with regulations. In security detection and response, integrating threat intelligence and modelling is essential. A threat-based approach is fundamental across all services, especially in Detection and Response, allowing precise monitoring of customer-specific threats.
Notable practices for enhancing security posture include a tailored and tactical approach to cybersecurity strategy, strategic cyber investments, optimisation of existing tools, and support and protection of security teams to mitigate turnover and burnout risks.