The beginning of January is traditionally the perfect month to look ahead to the new year. What can we expect in 2024 in the field of security? I present six predictions for this year.
Increase in Zero-Day Attacks
Companies often continue to be slow in patching vulnerabilities. This is not exclusive to only the SME sector, although it tends to happen there more often. The main cause here is often a lack of in-house expertise to timely implement updates.
There is also a lack of urgency in executing available patches on the side of the customers who use a product for which a vulnerability was discovered. Cybercriminals are aware of this. If you wait more than 48 hours after the release to install a patch on a server connected to the internet, the risk of a cyberattack via that route increases exponentially, as criminals are specifically searching for vulnerable systems that have not received a patch yet. As companies neglect their updates, cybercriminals find it more enticing to persist with their attacks. Organizations need to adapt their update and patch policies accordingly, even with the assistance of external experts. Additionally, an increase in zero-day attacks exploiting vulnerabilities without available patches is expected, particularly in espionage and sabotage-like cyberattacks executed by nation-states.
Digital Consequences of Physical Wars
The Russian invasion of Ukraine is one of the largest military conflicts in the Western world in recent decades. This conflict extends beyond the physical realm; a substantial cyberwar is also taking place. Unfortunately, digital casualties include entities not directly involved in the conflict, such as internationally operating companies with offices or factories in Ukraine. As long as the conflict persists, collateral damage of this kind will remain a sad reality. Similar problems are observed in other conflicts and wars around the world, and we have yet to come to terms with the fact that “cyberweapons” in general, despite the term being sort of flawed, do not care much about borders or nations.
Advancements in AI Continue
In 2023, AI made an undeniable breakthrough, and in 2024, further developments are expected. Cybercriminals are leveraging the benefits of AI, making phishing emails increasingly difficult to detect and consequently more effective. Developments in voice cloning and deepfake videos will also capture the interest of malicious actors. In 2024, we anticipate more cases where cybercriminals enlist the help of AI, especially in cybercrime targeting specific individuals. For example, there might be instances of "shock calls," where the caller, using AI voice technology, pretends to be a family member or an official entity to extract personal information. While this requires significant preparation and time from cybercriminals, it unfortunately yields high returns by enabling malevolent actors to effectively exploit the primitive emotions of their victims.
Hacktivism Surges
During Global Events, sports enthusiasts have circled the summer of 2024 in their calendars, with events like the Olympic Summer Games in Paris and the UEFA European Football Championship in Germany. However, criminal hackers also have these events on their radar. Expect a considerable amount of hacktivism during the sports summer, including DDoS attacks, official websites going offline, or displaying alternative messages. Similarly, the U.S. presidential (pre)elections and the elections for the European Parliament are likely to generate significant cyber activity, especially when it comes to disseminating misinformation.
Pursuit of Zero Trust Continues
In recent years, we've witnessed the increasing popularity of zero trust as a standard method for accessing networks or functionalities. This popularity is expected to grow even further in the new year. However, a stronger approach is needed, as zero trust, as any concept or product in security, is not a one-size-fits-all solution. While zero trust significantly enhances overall security, there are scenarios where it may still provide insufficient protection. Hackers and cybercriminals might obtain user login credentials with administrative rights by, for example, breaking multi-factor authentication through session cookie theft, a man-in-the-middle attack, or a so-called MFA fatigue attack. This could allow them to gain access to internal data and the entire network. Therefore, the protection of data itself, not just the focus on access to that data, remains crucial – even in 2024.
The Expanding Realm of Mobile Threats
In 2024, the range of threats aimed at mobile devices has become wider and more perilous. From advanced malware assaults to intricate phishing schemes, the risks are diverse. Cybercriminals are capitalizing on vulnerabilities in mobile operating systems and applications, resulting in an increase in data breaches. These breaches have the potential to compromise sensitive personal and corporate information. Recognizing the evolving nature of these threats constitutes the initial step in formulating effective strategies to counter them. Attackers are homing in on mobile devices and utilizing corporate communication channels to disseminate targeted attacks, primarily because most organizations lack defenses against such attacks. Following a year that showcased numerous sophisticated malware instances in 2023, 2024 is expected to witness a surge in more aggressive mobile ransomware. Furthermore, in 2024, Apple iOS will officially support third-party app stores in EMEA, introducing a new threat landscape that organizations must factor into their considerations. Although the specifics of how Apple will meet this requirement remain unclear, it is imperative for organizations to stay vigilant, especially given that the majority of mobile device malware originates from third-party app stores.
Image credit:
Mikhail Nilov / Pexels
Eddy Willems
Security Evangelist