Cybersecurity threats forecast to cause heavy damage by 2024

Cybersecurity threats continue to be a major concern for organizations around the world. Although generative AI and other emerging technologies hold promise for helping fight malware and online fraud, cybersecurity remains the biggest challenge facing organizations globally. Organizations also need to spend large sums of money each year to improve their cybersecurity systems.

According to a report by Gartner, a US-based digital market research and consulting firm, global end-user spending on cybersecurity and risk management is expected to total $215 billion by 2024, up 14.3% from 2023. A large portion of this spending will focus on data privacy and cloud security.

In particular, the increased use of AI by organizations opens the door to more cybersecurity threats, especially when it comes to the impact of processing personal data. Gartner also predicts that by 2025, 75% of the world's population will have personal data protected by modern privacy regulations.

While businesses are pouring huge amounts of money into protecting their data and that of their users, it is important to remember that cybercriminals are also using AI, specifically to launch more sophisticated threats against businesses. Today, cyber security threats come in many different forms, and generative AI is also helping cybercriminals improve their attack methods.

Oakley Cox, CTO at UK cybersecurity firm Darktrace, pointed out that generative AI will allow attackers to conduct phishing across language barriers. Cox said that currently, the majority of social engineering attacks for phishing are conducted in English because English is spoken by millions of people and dominates business operations in many regions of the world.

For businesses in the Asia-Pacific (APAC) region, the diversity of local languages ​​limits the range of opportunities hackers can target. Employees are often wary of phishing emails written in English, but are often unconcerned when receiving emails written in their local language.

“As AI becomes more widely used to support software development, cybersecurity teams will use it to find vulnerabilities in their own software,” Oakley Cox said. “On the other hand, AI can also become an even more powerful tool for attackers to find and exploit new vulnerabilities in software to carry out attacks.”

Ransomware remains a major cybersecurity threat in 2024

Ransomware(Ransomware) is a type of malware that encrypts a victim's data and demands a ransom to decrypt it. Ransomware can infect a victim's device in a variety of ways, such as through phishing emails, exploit attacks, and network attacks.

Ransomware dominated cybersecurity incidents in 2023 and is likely to continue to be a major concern for organizations in 2024. Although the number of businesses paying ransoms to recover data has increased, cybersecurity experts continue to advise against it.

Countries are also stepping up regulations to ensure businesses take their data more seriously and are held accountable for any cybersecurity incidents. Australia, for example, has adopted new plans to strengthen cybersecurity over the next few years, while Singapore is currently seeking public feedback on how it can improve its approach to cybersecurity threats.

According to Liam Dermody, Head of Deep Penetration Testing at Darktrace, it is likely that ransomware groups will focus their attention on APAC countries. The Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) reported an increase in ransomware targeting the region towards the end of 2023.

Dermody believes this could be a permanent shift of ransomware groups to the APAC region, as the region shares important similarities with Central America, which saw a spike in ransomware attacks in 2022. The APAC region includes some of the world's fastest-growing economies but also contains many businesses that are not as well-prepared as their counterparts in other regions that have been targeted by ransomware in the past.

For ransomware groups, the APAC region appears to be a promising new investment area. Moreover, compared to their traditional regions such as the US, where cybercriminals are facing increased scrutiny from governments, intelligence agencies, and law enforcement, APAC offers lower risk. The combination of low risk and high returns could see ransomware groups continue to focus on the APAC region through 2024.

Meanwhile, Tony Jarvis, VP of enterprise security at Darktrace, said the biggest change happening now is greater government involvement in regulating and responding to ransomware.

“The Australian government is now requiring businesses to report ransomware activity so that better measures can be taken, including understanding the scale of the problem and coordinating responses with affected organisations. This is currently only applicable in Australia, but I hope other neighbouring countries will follow suit or adopt similar regulations,” added Tony Jarvis.

Hackers will continue to find ways to bypass multi-factor authentication security systems in 2024

Multi-factor authentication (MFA) is a security system that requires multiple authentication methods to help prevent unauthorized account access when the system password is compromised. The account login process consists of multiple steps, in which the user is required to enter additional information in addition to the password. For example, along with the password, the user may be required to enter a code sent by email, phone, answer a secret question, or scan a fingerprint.

Multi-factor authentication significantly reduces the risk of data breaches, making it crucial for enterprise security.

Multi-factor authentication has been a huge success in preventing hackers from reusing stolen passwords and “Brute Force” attacks, which are cyber attacks where hackers use software to “mix” different characters into valid passwords. MFA’s effectiveness has made it a prerequisite in many cybersecurity frameworks and a default setting for many vendors. Unfortunately, as MFA has become more widely used, attackers have adapted to this barrier and developed a number of ways to bypass it.

Methods used by hackers include sending countless MFA notifications until the frustrated victim clicks the “Accept” button, tricking users into entering MFA authentication codes, gaining access to users’ email or social media accounts to get MFA authentication codes, and attacking the software or hardware of the network system to disable MFA.

Cybersecurity expert Liam Dermody believes that MFA bypasses can be done by both professional and amateur hackers and that there has been a significant increase in MFA bypasses in recent high-profile attacks, a trend that will continue into 2024.

“We should not view MFA security systems as the only and optimal solution to protecting authentication information and should pay more attention to unusual activity during and after the authentication process takes place,” Dermody added.

In this regard, Darktrace’s VP of enterprise security, Tony Jarvis, explains that as cybercriminals look to bypass MFA security systems, we need to develop newer security technologies. Jarvis says that each year sees a slew of technologies come to market that are aimed at plugging some of the gaps in existing defenses or simply countering new techniques and exploits that threat actors are using and exploiting.

While 2024 won't be much different than 2023 in this regard, what is changing is the growing number of technologies, categories, terminology, and domains that security professionals need to master.

In short, businesses need to make sure they are well prepared for 2024 to deal with any type of cybersecurity threat that is targeting them. According to cybersecurity experts, it is always better to prepare in advance rather than deal with a cybersecurity incident when it occurs.