Cybersecurity Trends to Watch in 2024Expert Panelists Debate Impact of AI, Geopolitics and New Tactics in the Year Ahead
2023 brought change to the cybersecurity industry – a nagging economic slowdown, the emergence of generative AI on corporate radars, high-profile cyberespionage hacks and major software supply chain breaches that moved around the world like a slow-moving train wreck. Law enforcement made strides against the cybercriminals – and crypto criminals – but ransomware gangs came surging back in the second half of 2023.
So, what can we learn from these trends? What does the future hold? In conjunction with a new report from CyberEd.io, Information Security Media Group asked some of the industry's leading cybersecurity and privacy experts about 10 top trends to watch in 2024.
Cybercriminals Will Use Advanced Ransomware Tactics, AI and Deepfakes to Enhance Their Targeting Capabilities
The introduction of generative AI tools will help cybercriminals ultra-convincing emails and telephone calls for evading detection of social engineering campaigns. AI is expected to make less-skilled ransomware-as-a-service actors more effective. "One of the things that we talk about a lot is the potential for generative AI to be used, particularly for reconnaissance and for gathering information about a particular target," said Allie Mellen, principal analyst at Forrester.
Enterprises Will Embrace Human Risk Management and Monitor Employee Behavior and Their Interaction With Security Products
Human risk management is aimed at helping organizations identify employees with the most dangerous risk scores so they can create more targeted security mitigation programs. "I think we've really gotten to the point that it's not about do I trust my employees? It's about identifying that anomalous behavior that's taking place in your systems and your networks," said Grant Schneider, a former U.S. federal CISO and senior director for cybersecurity services at Venable LLP.
Hackers Will Target Remote Work Infrastructure, Exploiting Vulnerabilities in VPNs, Cloud Services and RDPs
The attack surface expanded dramatically with the move to remote working, and it shows no signs of shrinking. Bad actors will exploit vulnerabilities including unpatched software and VPNs to access sensitive corporate networks and data - often stored in the cloud. "You're seeing much more cloud jacking. In general, everyone presumes that cloud providers have their act together, when many times they don't," Tom Kellerman, senior vice president of cyber strategy at Contrast Security.
Cyberattacks Against Third-Party Suppliers and Software Vendors Will Intensify
Threat actors compromised hundreds of organizations with attacks on third-party software and hardware providers, they will be looking for new gateways in 2024. Third-party cybersecurity audits of partners will become a top priority for many organizations. "It's very difficult for companies to manage the security of their service providers and their supply chain - and easy for the attackers to get in," said Michael Gorelik, CTO at Morphisec.
Defences Must be Shored up to Defend Against Cyberattacks on Critical Infrastructure
Attacks against critical infrastructure are motivated by both geopolitical conflicts and financial motives, but the potential to cause widespread disruption and harm in an election year is high. Smaller organizations such as local hospitals and water treatment plants are the most vulnerable. "At the municipal level, it's even worse than at the larger scale utility because they just don't have the staff or money to do it. But I think that's where the biggest investment should be this year - really looking at how you shore up these industries," said Jenny Hedderman, risk counsel at the Massachusetts Office of the Comptroller.
IoT Devices Will Be Easy Targets for Hackers Looking to Create Large-Scale Botnets and Gain Access to Networks
The explosion of connected IoT devices continues and poor security features are making them more attractive targets for hackers. "2023 was the year of I think one of the biggest DDoS attacks ever and involved leveraging these devices. And now that you know that the attackers have figured out how to successfully use them, I don't think they're going to stop until we figure out how to mitigate it," said Joe Sullivan, CEO of Ukraine Friends and former CSO at Uber.
Attacks on Mobile Devices Will Rise, Exploiting Vulnerabilities in Mobile Operating Systems, Apps and Mobile-Centric Technologies
Businesses and government agencies increasingly rely on mobile devices, but vulnerabilities in operating systems, apps and emerging 5G networks make them prime targets for nation-station actors bent o espionage and a growing number of cybercriminal groups. NSO group, for example, have very advanced toolkits for compromising phones, establishing persistence and using them in a variety of ways to essentially get access to anything they want to get access to. So as usual, your best defense other than using the features that are built into the devices to make them more resistant to attack are less likely to be compromised, at least make the attacker take longer to do it," advised Martin Roesch, CEO of Netography.
Cybercriminals Will Combine Stolen to Establish More Complete Identities for Identity Theft and Financial Fraud
The wealth of stolen data on the dark web and more targeted spear-phishing attacks will help cybercriminals develop complete dossiers on individuals and establish full identities that can commit fraud without detection. Generative AI will likely to play a role. "I do think that we'll start to see more contextualized attacks that kind of piece together people's information more effectively to make them way more targeted," Mellen said. "Particularly for high profile targets - potentially for others as well - although it will take a lot of automation to make that work at scale."
Cyberwarfare Activities Including Espionage, Sabotage and Influence Campaigns Will Increase
The blurred lines between nation-state actors and cybercriminals will lead to complex cyber conflicts with global implications in 2024. Geopolitical tensions related to wars in Israel and Ukraine could lead to more disruptive attacks. "I think that we're going to see a shift from espionage to sabotage this year," Kellerman said. "You'll see more destructive attacks. You're also seeing this technological transfer per se between Russia and China and rogue nation states to empower them."
Organizations Will Start Preparing for Post-Quantum Cryptography to Secure Communications for the Future
Future innovations in quantum computers have the potential to break many of the cryptographic algorithms currently in use. Will 2024 be the year that public and private-sector organizations start preparing for post-quantum cryptography world? "If we take the advances in AI and the massive investments that are happening and assume that artificial intelligence is going to get better at math, we're going to have AI and quantum meet in the middle - and we better be ready for it," Sullivan said.
Cybersecurity teams are indeed facing new threats from emerging technologies, geopolitics and cybercriminals. 2024 could be the worst year on record, but there's still hope for change for this dynamic industry.