Emerging cybersecurity threats in 2024: What to watch out for

In this Writer's Room blog, Andela community member Wasif Khan predicts the cybersecurity threats that organizations need to look out for in 2024 to stay one step ahead!


As we approach 2024, the ever-changing world of cyberspace brings forth new challenges and risks. With the progression of technology, cybercriminals are also adapting and evolving their strategies. Let's explore the upcoming cybersecurity threats that demand the attention of CIOs, CTOs, CEOs, organizations, and governments in 2024.

Ransomware 2.0: More sophistication, more damage

Ransomware attacks have been increasing in recent years, and are expected to become even more menacing in 2024. Cybercriminals are expected to leverage greater sophistication in their tactics, including the deployment of AI-driven ransomware that can adapt and evade traditional security measures. Double extortion tactics, where attackers steal sensitive data before encrypting it, will continue to rise, putting additional pressure on victims to pay the ransom.

According to Microsoft, 98% of all ransomware takes less than 4 hours to take over a company’s software. The most malicious ransomware can infiltrate the company’s system in 45 minutes. Recovery from ransomware attacks is also becoming more expensive with every passing day: the data shows that the average cost of recovery from a ransomware attack in 2023 doubled from 2022.

Supply chain attacks have the potential to cause widespread disruption. Next year, we can anticipate cybercriminals targeting software vendors, suppliers, and service providers. Compromising these entities can lead to the distribution of tainted products and services, putting countless users and organizations at risk. Staying vigilant about your supply chain’s cybersecurity will be crucial.

AI-powered offensives

The use of artificial intelligence (AI) and machine learning (ML) in cyberattacks is gaining traction. In 2024, malicious actors will continue to harness AI to automate and optimize their attacks. AI-powered attacks can learn from their mistakes, making them more resilient and adaptive. This poses a significant challenge for cybersecurity professionals who must respond with AI-driven defence mechanisms.

Insecurity in internet-connected devices

The increase in the use of internet-connected devices brings a heightened risk of cybercrime as well. Many IoT devices are inadequately secured and can serve as entry points into larger networks. We should expect an increase in IoT-related vulnerabilities and attacks. It is imperative for individuals and organizations to prioritize the security of IoT devices and networks.

Cloud security concerns

As cloud adoption continues to increase, ensuring the security of cloud-based networks will be paramount. Misconfigured cloud settings, weak access controls, and data breaches in the cloud are becoming common. Organizations need to implement robust cloud security measures, conduct regular audits, and provide proper training to employees to remove these risks.

Zero-day attacks

Zero-day vulnerabilities in software and hardware remain a sought-after asset for cybercriminals. These vulnerabilities are unpatched and unknown to the concerned parties, making them prime targets.

In a survey conducted in 2021, which involved 1,263 companies that had been subjected to a cybersecurity breach, it was revealed that 80% of those who made a ransom payment reported encountering another attack shortly thereafter. Surprisingly, 60% of cyber incidents could have been averted if an existing patch had been applied, and 39% of organizations acknowledged their vulnerability before the cyber attack took place.

We can anticipate the discovery and exploitation of more zero-day vulnerabilities, highlighting the importance of prompt patching and adequate post-attack procedures.

Phishing and social engineering

Phishing and social engineering attacks continue to be effective due to their ability to manipulate human psychology.

Phishing attacks use emails or web pages designed to fool users. Princeton University’s information security office provides an overview of how such attacks usually manifest:

“Typically, the phisher sends an email message to a large group of individuals whose addresses he has captured from address books and websites across the internet. The message, usually well-crafted and official-looking, may claim to be from a financial institution, a service provider, or any other organization known by the recipient. Often, the recipient is asked to provide the information by clicking a website link in the email. But while the link to the website may look legitimate, the link that is displayed is not necessarily the actual site you visit when you click on it.”

As per Verizon’s data breach report, 85% of data breaches are due to social engineering. Expect these attacks to become more sophisticated, targeted, and convincing over the next twelve months. Cyber attackers may employ deepfake technology to impersonate trusted individuals or manipulate video and audio content, making it even harder to discern genuine from fake.

Critical infrastructures

Critical infrastructure, including power grids, water supply systems, and transportation networks, remains both critical and vulnerable to cyberattacks. Nation-states and state-sponsored actors may aim to infiltrate and compromise these systems for spying, disruption, or even warfare. Protecting critical infrastructure is a matter of national security and requires increased investment and vigilance.

Cryptocurrency concerns

Cryptocurrencies have become a haven for cybercriminals. We can expect a surge in cryptocurrency-related threats, including theft, scams, and the propagation of crypto-mining malware. As cryptocurrencies continue to gain legitimacy, regulation and cybersecurity measures will be needed to protect users and investments.

Poor cyber practices

Poor cyber practices are poor habits and non-compliance with cybersecurity regulations when using technology. Avoiding unsecured Wi-Fi connections, implementing multi-factor authentication, using a VPN, and other secure practices are essential, and ignoring them can cause severe legal and financial losses to organizations.

In the era of remote work, these risks are even higher. Passwords are easily exposed on the weakly secured networks of coffee shops and personal home offices. Employee training is important to mitigate the cyber risks that arise from such negligence.

Third-party exposure

Cybercriminals can breach security systems by exploiting less secure networks of third parties who possess special access to the cybercriminal’s primary target.

A prominent illustration of a third-party breach took place in early 2021 when hackers exposed personal information from more than 214 million Facebook, Instagram, and LinkedIn accounts. These hackers gained entry to the data through a breach of a third-party contractor named Socialarks. This contractor had been engaged by all three companies and enjoyed privileged access to their networks.

Cybercriminals can breach security systems by exploiting the weak links in the organization’s supply chains. These weak links can be weak code, a third party with a compromised security system, or hijacked operational technologies.

Conclusion

As we step into a new year, the cybersecurity landscape is as dynamic and challenging as ever. The emerging cyber threats discussed in this article serve as a reminder that vigilance, preparation, and adaptation are key to staying safe in the digital world. Individuals, organizations, and governments must prioritize cybersecurity measures, invest in advanced technologies, and foster collaboration within the cybersecurity community to effectively mitigate these evolving threats. In a world where the digital realm is increasingly intertwined with our daily lives, staying ahead of cyber threats is not only an option, it's a necessity.
