In the world of cybersecurity, threats are constantly evolving. Therefore, by throwing a spotlight on 2024 cyber trends, while considering what occurred in 2023, we can adapt our defenses and anticipate new emerging threats.
Artificial intelligence (AI) will play a very important part in both threat delivery and threat detection and prevention. A recent Barracuda MSP webinar gave an overview of the key observations their security operations center (SOC) witnessed in 2023 and how 2024 may play out.
Key observations in 2023
The six key observations were:
- Ransomware is at an all-time high
- Ransomware-as-a-Service (RaaS) increases the scope of targets
- Threat actors are becoming much more persistent
- Attack lifecycles are extended
- Threat actors are more effective
- Successful attacks are having a higher impact
There have also been some key incident statistics to note:
- Ransomware attack frequency up 95 percent since 2022
- $265 billion estimated total losses from Ransomware in 2023
- 4000+ organizations’ data published on the dark web
- Average cost of a ransomware attack: $100k for smaller organizations and $5 million for larger organizations
- The average recovery time is 3 weeks per incident
These statistics highlight the financial and reputational damage caused by ransomware.
The top three threats of 2023 according to the SOC
1. Ransomware
Ransomware groups are outpacing endpoint protection utilities, driven by increased demand for RaaS in the dark web. Attacks are executed using legitimately licensed tools, (such as RMM, remote desktop, and VPN). Ransomware attacks are detrimental to any business. Data is exfiltrated and exposed, and networks are paralyzed. The costs to recover are immense in terms of time and money. Advanced endpoint protection managed by a dedicated, security-first team is the best way to mitigate this problem. Maintain regular segregated backups and ensure cyber insurance cover is up to date.
2. Zero-day and supply chain attacks
The threat of Zero Day attacks has exponentially increased, partly due to more applications in service across the supply chain, meaning greater exposure. The impact of this is that threat actors can quickly compromise organizations’ networks at scale, even when other security controls are in place. This can be mitigated through effective patch management and emergency patching plans for contingencies, with clearly defined roles and responsibilities.
3. Intrusion campaigns
Attack surfaces are increasing all the time through gaps such as misconfigured cloud security controls. Threat actors can quickly move laterally, elevating privileges to establish command and control. You can be better prepared by conducting external scanning and penetration testing. Always implement MFA, and practice better privilege management. Improve network segregation and regularly review firewall and network access policies.
Advanced persistent actors (APT) are adapting and advancing in sophistication and growing in numbers. The volume of attacks an organization faces regularly is increasing exponentially and security teams are struggling to keep up. Consumer data exposure is a huge risk, and personally identifiable information (PII) is a pot of gold to threat actors.
A look ahead to the 2024 cyber trends
Malicious actors will be using artificial intelligence to drive more complex attacks. Utilizing malware-friendly large language models (LLMs) like WormGPT and FraudGPT, and providing AI-as-a-Service to other threat actors.
Some of the types of attacks we’ll see will involve the following:
AI-powered malware: Consists of a malware code written by an LLM, for example, BlackMamba. The benefits to threat actors of AI-powered malware include:
- Lowering the bar of entry into more sophisticated malware attacks
- Reducing the creation timeline
- Including automated evasive behaviours making initial detection more difficult
- Using machine learning to blend into its deployed environment to appear benign
Generative AI phishing campaigns: Currently, there are typically some easy-to-spot identifiers when we see a phishing email come into an email inbox. However, generative AI will overcome many of the language barriers and formatting mistakes to make them much more difficult to identify. Vishing threats (threats that mimic voice communications) will become more common too as technology makes faking telephone conversations much easier. Malicious phishing chatbots will also become more common.
XDR to mitigate 2024 cyber trends
To mitigate some of these AI-powered threats, you could deploy an open extended detection and response (XDR) solution. This provides sophisticated technologies backed up by a specialist SOC. You fight AI with AI, using anomaly detection and machine learning algorithms while employing automated remediation. XDR is crucial to detect intrusion in real-time, preventing threat actors from getting a foothold in your network.
The cybersecurity landscape is constantly evolving, with ransomware attacks and other threats on the rise. Looking ahead to 2024, AI-powered attacks are expected to become more common. Mitigating these threats will require a multi-faceted approach, including implementing best practices such as end-user security awareness training and continuous monitoring, as well as deploying an XDR solution backed up by a specialist SOC. By staying vigilant and proactive, businesses can better protect themselves against the growing threat of cyberattacks.
Stay tuned for part two where we take an in-depth look at another 2024 cyber trend: how AI is playing a part in today’s email threats.
Note: This was originally published at Tubblog
Photo: patpitchaya / Shutterstock
