Cybersecurity threats that could cause serious damage in 2024 are predicted

Cybersecurity threats continue to be a major concern for organizations around the world. While generative AI and other emerging technologies hold promise for helping fight malware and online fraud, cybersecurity remains the biggest challenge facing organizations globally. Organizations also need to spend large sums of money each year to improve their cybersecurity posture.

According to a report by Gartner, a US-based digital market research and consulting firm, global end-user spending on cybersecurity and risk management is expected to total $215 billion by 2024, up 14.3% from 2023. A large portion of this spending will focus on data privacy and cloud security.

In particular, the increasing use of AI by organizations opens the door to more cybersecurity threats, especially when it comes to the impact of processing personal data. Gartner also predicts that by 2025, 75% of the world's population will have personal data protected by modern privacy regulations.

While businesses are pouring huge amounts of money into protecting their data and that of their users, it is important to remember that cybercriminals are also using AI, specifically to launch more sophisticated threats against businesses. Cybersecurity threats come in many different forms today, and generative AI is also helping cybercriminals improve their attack methods.

Oakley Cox, CTO at UK cybersecurity firm Darktrace, pointed out that generative AI will enable attackers to conduct phishing attacks across language barriers. Cox said that currently, the majority of social engineering attacks for phishing are conducted in English because English is spoken by millions of people and dominates business operations in many regions of the world.

For businesses in the Asia-Pacific (APAC) region, the diversity of local languages ​​limits the range of opportunities for hackers to target the region. Employees are often wary of phishing emails written in English, but are often unconcerned when receiving emails written in their local language.

“As AI becomes more widely used to support software development, cybersecurity teams will use it to find vulnerabilities in their own software,” Oakley Cox said. “On the other hand, AI can also become an even more powerful tool for attackers to find and exploit new vulnerabilities in software to launch attacks.”

Ransomware remains a major cybersecurity threat in 2024

Ransomware(Ransomware) is a type of malware that encrypts a victim's data and demands a ransom to decrypt it. Ransomware can infect a victim's device in a variety of ways, such as through phishing emails, exploit attacks, and network attacks.

Ransomware dominated cybersecurity incidents in 2023 and is likely to continue to be a major concern for organizations in 2024. Although the number of businesses paying ransoms to recover data has increased, cybersecurity experts continue to advise against doing so.

Countries are also stepping up regulations to ensure businesses take their data more seriously and are held accountable for any cybersecurity incidents. Australia, for example, has introduced new plans to strengthen cybersecurity over the next few years, while Singapore is currently seeking public feedback on how it can improve its approach to cybersecurity threats.

According to Liam Dermody, Red Team Deep Penetration Test Lead at Darktrace, it is likely that ransomware groups will focus their attention on APAC countries. The Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) reported an increase in ransomware targeting the region in late 2023.

Dermody believes this could be a permanent shift of ransomware groups to the APAC region, as the region shares important similarities with Central America, which saw a spike in ransomware attacks in 2022. The APAC region includes some of the world’s fastest-growing economies but also contains many businesses that are not as well-prepared as their counterparts in other regions that have been targeted by ransomware in the past.

For ransomware groups, the APAC region looks like a promising new investment area. Moreover, compared to their traditional regions such as the US, where cybercriminals are facing increased scrutiny from governments, intelligence agencies, and law enforcement, APAC offers lower risk. The combination of low risk and high returns could see ransomware groups continue to focus on the APAC region through 2024.

Meanwhile, Tony Jarvis, VP of enterprise security at Darktrace, said the biggest change happening right now is greater government involvement in regulating and responding to ransomware.

“The Australian Government is now requiring businesses to report ransomware activity so that better measures can be taken, including understanding the scale of the problem and coordinating responses with affected organisations. This is currently only applicable in Australia, but I hope other neighbouring countries will follow suit or adopt similar regulations,” Mr. Tony Jarvis added.

Hackers will continue to find ways to bypass multi-factor authentication security systems in 2024

Multi-factor authentication (MFA) is a security system that requires multiple authentication methods to help prevent unauthorized account access when a system password is compromised. The account login process consists of several steps, in which the user is required to enter additional information in addition to the password. For example, along with the password, the user may be required to enter a code sent via email, phone, answer a secret question, or scan a fingerprint.

Multi-factor authentication significantly reduces the risk of data breaches, making it crucial for enterprise security.

Multi-factor authentication has been a huge success in preventing hackers from reusing stolen passwords and “Brute Force” attacks, where hackers use software to “mix” different characters into valid passwords. The effectiveness of MFA has made it a prerequisite in many cybersecurity frameworks and a default setting for many vendors. Unfortunately, as MFA has become more widely used, attackers have adapted to this barrier and developed a number of ways to bypass it.

Methods used by hackers include sending countless MFA notifications until the frustrated victim clicks the “Accept” button, tricking users into entering MFA authentication codes, gaining access to users’ email or social media accounts to obtain MFA authentication codes, and attacking the software or hardware of the network system to disable MFA.

Cybersecurity expert Liam Dermody believes that MFA bypasses can be done by both professional and amateur hackers and that there has been a significant increase in MFA bypasses in recent high-profile attacks, a trend that will continue into 2024.

“We should not view MFA security as a single and optimal solution to protect authentication information and should pay more attention to unusual activity during and after the authentication process takes place,” Dermody added.

In this regard, Darktrace VP of Enterprise Security Tony Jarvis explains that as cybercriminals seek to bypass MFA security systems, we need to develop new security technologies. Jarvis says that each year sees a slew of technologies coming to market that are aimed at plugging some of the gaps in existing defenses or simply countering new techniques and exploits that threat actors are using and exploiting.

While 2024 won't be much different than 2023 in this regard, what is changing is the growing number of technologies, categories, terminology, and domains that security professionals need to master.

In short, businesses need to make sure they are well prepared for 2024 to deal with any type of cybersecurity threat that is targeting them. According to cybersecurity experts, it is always better to be prepared with preventive measures than to deal with a cybersecurity incident when it occurs.