The predictions for 2024 revealed by the research arm of cybersecurity solutions provider Check Point Software cover seven main categories: AI and machine learning; supply chain and critical infrastructure attacks; cyber insurance; nation state; weaponised deepfakes; phishing and ransomware.
As cybercriminals continue to evolve their methods and tools, businesses will need to keep adapting their cybersecurity measures to stay one step ahead.
Over half of UK tech SMBs cite new threats as biggest security challenge — Sage research has found keeping up with new security threats to be the biggest challenge for 54 per cent of tech SMBs in the UK.
Artificial intelligence and machine learning
According to Check Point’s predictions report, AI and ML are set to impact both sides of the cyber crime battle, and will in turn evolve with regulations currently being drafted globally.
1. Rise of AI-directed cyber attacks
With artificial intelligence and machine learning dominating conversations in cybersecurity, 2024 is predicted to see more threat actors adopt AI to accelerate and expand every aspect of their toolkit.
Whether this is for more cost-efficient rapid development of new malware and ransomware variants, or using deepfake technologies to take phishing and impersonation attacks to the next level, AI and ML will unleash new challenges for security teams.
2. Fighting fire with fire
To combat AI-powered attacks, security teams are set to tap into the technology’s potential themselves.
Significant investment has already been made in AI for cybersecurity, and this will continue as more companies look to guard against advanced threats.
3. Impact of regulation
Significant steps have been made in the EU and the US regarding AI regulation. As these plans develop, we will see changes in the way these technologies are used, both for offensive and defensive activities.
“Our reliance on AI for cybersecurity is undeniable, but as AI evolves so will the strategies of our adversaries,” said Sergey Shykevich, threat intelligence group manager at Check Point Software Technologies.
“In the coming year, we must innovate faster than the threats we face to stay one step ahead. Let’s harness the full potential of AI for cybersecurity, with a keen eye on responsible and ethical use.”
Supply chain and critical infrastructure attacks
The supply chain, as well as critical infrastructure, are set to continue being prominent targets for threat actors in 2024.
4. Zero trust in the supply chain
To mitigate the increasing cyber attacks on critical infrastructure, particularly those with nation-state involvement, firms will shift towards “zero trust” models that require verification from anyone attempting to connect to a system — regardless of whether they are inside or outside the network.
With governments introducing stricter cybersecurity regulations to protect personal information, it will be essential for businesses to stay ahead of these new legal frameworks.
5. Supply chain to remain weak link
The rate of incidents involving the supply chain remains a challenge for organisations, and the impact can be far reaching.
This will continue to be a trend next year if firms fail to implement stricter evaluations of third-party suppliers.
6. Strengthening security protocols
Recent breaches highlight the critical importance of stronger security protocols in the supply chain.
As cybercriminals target smaller suppliers down the line to access larger companies, organisations must demand stricter evaluations and implementation of security protocols to prevent further attacks.
Considering security risks from third parties in the supply chain — Exploring how organisations can mitigate security risks brought by third parties.
Cyber insurance
Insurance to cover cyber incidents have risen up corporate agendas in the past few years, and the space will see continued evolution in 2024, according to Check Point Research.
7. AI in insurance
Like all sectors, AI is set to transform the way that insurance companies assess the cyber resilience of prospective customers.
This trend will provide opportunities for these insurance providers to offer cybersecurity services directly, but AI alone will not solve all security challenges, and firms must balance security with convenience.
8. Preventative approach to reduce premiums
With rising cyber insurance costs and talent shortages, businesses are set to start shifting from reactive security to more effective defensive security.
By demonstrating preventative action against cyber attacks, organisations may see their premiums reduced.
Nation state attacks and hacktivism
Geo-political matters occurring globally will continue impacting cybersecurity at scale in 2024, with nation state actors evolving tactics and shifting towards ‘hacktivism’ — attacks that look to promote a political agenda or social change.
9. The staying power of cyber warfare
The Russia-Ukraine conflict was a significant milestone in the case of cyber warfare carried out by nation-state groups.
Geo-political instability is set to continue into next year, with hacktivist activities making up a larger proportion of cyber attacks — particularly DDoS attacks — with the key aim to disturb and disrupt.
10. Masking hidden agendas
While many hacktivist groups use a political position as a reason to launch attacks, they may mask ulterior motives.
We could see blurred lines between hacktivism and commercialism, with threat actors choosing ransomware attacks as a revenue stream to fund other activities.
Why cyber crime groups are some of the world’s most effective start-ups — Exploring how the top cyber crime groups are deploying talent and technology.
Weaponised deepfakes
Recent research suggests rising concerns over deepfakes as a way to target and infiltrate company networks, and this is predicted by Check Point to be a prominent talking point across cybersecurity in 2024.
11. Deepfake technology advances
Deepfakes are often weaponised to create content that will sway opinions, alter stock prices, or worse.
These tools are readily available online, and threat actors will continue to use deepfake social engineering attacks to gain permissions and access sensitive data.
Phishing attacks
Phishing threats and attacks are projected to remain prominent next year, with messages becoming more authentic-looking in order to catch prospective victims out.
12. Phishing and legitimate tools
While software will always be exploitable, it has become far easier for threat actors to “log in” instead of “break in”.
Over the years, layers of defence have been built up to detect and prevent intrusion attempts against software exploits. With the relative success and ease of phishing campaigns, next year will bring more attacks that originate from credential theft, rather than vulnerability exploitation.
13. Advanced phishing tactics
AI-enhanced phishing tactics could become more personalised and effective, making it more difficult for users to identify malicious intent. This could lead to increased phishing-related breaches.
How to recognise common phishing attacks — Phishing attacks are mostly sent via email and prey on people’s trust and generosity. How can you know if you’re being scammed?
Ransomware
The frequency and impact of ransomware is also here to stay, going into 2024, with stealthy exploits, enhanced extortion and AI battlefields front of mind for attackers.
14. ‘Living off the land’ tactics to prevail
The adoption of “living off the land” techniques — leveraging legitimate system tools to execute attacks — is expected to surge, especially in light of successful takedowns of malware networks like Qbot by agencies such as the FBI.
This subtler approach, harder to detect and thwart, underscores the necessity for sophisticated threat prevention strategies, including Managed Detection and Response (MDR), that can pinpoint device and network behaviour anomalies.
15. Data risks amidst ransomware defences
Despite defences being bolstered against ransomware, data loss or leakage incidents are likely to ascend over the course of next year.
A contributing factor, says Check Point, could be increasing reliance on SaaS platforms to store sensitive data as part of application services, presenting new vectors and vulnerabilities that malicious entities can exploit.
16. Ransomware reporting nuances
The observed increase in ransomware attacks will require discerning interpretation, potentially being inflated due to newly instituted reporting mandates.
It will be imperative to dissect these statistics judiciously, understanding the dynamics of reporting protocols in analysing the true scope and scale of the threat.
Daniel Wiley, head of threat management and chief security advisor for Infinity Global Services at Check Point Software, commented: “The use of artificial intelligence by ransomware attackers will become more advanced, requiring organisations to not only focus on preventing attacks, but also enhancing their incident response and recovery plans to mitigate the potential impact.
“As attacks become more sophisticated, organisations need to evolve their approach to security to stay ahead of the game.”
Related:
The next wave of cyber adversaries, and how to protect against them — How organisations can protect against evolving attack tactics.