Talion is a finalist for Best SIEM Solution

Talion is a finalist for Best SIEM Solution

Contact
12 Days of Cyber Christmas: 2023 Trends & 2024 Outlook - Talion

The year 2023 brought about significant shifts and trends in cyber threats – the weaponization of AI, geopolitical cyber attacks, and more. As we look forward to 2024, the cyber landscape appears to be even more challenging. 

With the holiday season in full swing, tune into the 12 key cyber areas to reflect on leading up to Christmas – looking closely at 2023’s trends and exploring the outlook for the upcoming year. All driven by research from our dedicated Threat Intelligence team.

 

Cybersecurity Trends of 2023:

 

1. Chain Vulnerabilities

The interconnected nature of vulnerabilities came to the forefront in 2023, exemplified by the 4 Juniper flaws. Although individually rated low by the Common Vulnerability Scoring System (CVSS), when chained together post Proof of Concept (PoC) publication, they resulted in Remote Code Execution (RCE). This trend emphasises the importance of addressing vulnerabilities comprehensively and understanding the potential impact of their combination.

2. Ransomware ‘Knockoffs’

A concerning trend emerged as new ransomware groups proliferated, building their strains from previously leaked source code. This ease of entry into the ransomware arena facilitated the rapid formation of these groups, posing a significant challenge for cybersecurity professionals. The use of recycled code implies a need for enhanced security measures to combat both new and adapted threats.

3. AI Manipulation

As artificial intelligence (AI) gained prominence, so did the demand for AI ‘jailbreaks’ by adversaries. Tools like WormGPT surfaced on the dark web, capable of manipulating AI models to generate malicious output. This trend raises concerns about the potential misuse of AI for creating malware, phishing templates, and other harmful content, showcasing the ethical dilemmas associated with advanced technology. 

Hear from Mitch Mellard, Threat Intelligence Consultant at Talion, as he took the virtual stage to share his thoughts on AI as part of DEVO’s SOC Appreciation Day.

4. Shock Value Extortion

Ransomware groups adopted shock tactics, targeting healthcare providers and escalating their extortion methods. Instances of posting shocking documents on leak sites, such as patient surgery photos, became more prevalent. This shift in strategy reflects the adaptability of cybercriminals to changing circumstances, emphasising the importance of robust cybersecurity measures, particularly in critical sectors like healthcare.

5. Hacktivist Efforts in Conflicts

Hacktivism took center stage in conflicts, with Russian groups causing major disruptions. This trend quickly extended to conflicts like Hamas/Israel, where hacktivist groups multiplied rapidly. The intertwining of cyber warfare with geopolitical conflicts highlights the need for companies to anticipate and mitigate the impact of such activities.

6. Targets Aligned with Political Decisions

The focus of cyber attacks shifted in accordance with political decisions, notably in the Russia/Ukraine conflict. The renewed effort by Russia to target American businesses underscored the geopolitical underpinnings of cyber threats. Cybersecurity strategies must adapt to the dynamic nature of geopolitical events, ensuring companies remain resilient in the face of evolving threats.

 

Outlook for 2024:

 

1. Proliferation of New Ransomware Groups

The ease of conducting sophisticated attacks has empowered individuals lacking in-depth knowledge, leading to the emergence of new ransomware groups. In 2024, the focus appears to be on small to medium-sized businesses, possibly due to a cautious approach or inexperience. The success of these attacks is exacerbated by the financial constraints that prevent smaller entities from implementing robust security defenses.

2. Evolution of Ransomware Tactics

As initiatives against paying ransom demands gain momentum, ransomware groups are likely to become more aggressive, personal, and destructive. Critical businesses, including those in healthcare, finance, transportation, and utilities, may become primary targets. 2024 is poised to witness a shift in focus towards high-profile targets in a “go big or go home” approach.

3. Rise of Insider Threats

The impact of a recession and improved company security measures may lead to an uptick in insider threats. Layoffs and financial struggles could make insiders susceptible to financial incentives, offering attackers alternative avenues to infiltrate networks. Businesses need to address this evolving threat landscape through a combination of technological and human-centric security measures.

4. Persistent Supply Chain Attacks

The success of supply chain attacks, exemplified by the MOVEit breach, is likely to inspire more groups in 2024. With businesses expanding their technology portfolios, the number of vulnerabilities and potential victim businesses is set to increase. The dark web marketplace may witness a surge in zero-day brokers selling exploits, posing a significant challenge to cybersecurity professionals.

5. Geopolitics and Cyber Warfare

The intersection of geopolitics and cyber warfare continues to shape the threat landscape. Following the stages observed in the Russia/Ukraine conflict, the Hamas/Israel conflict is witnessing hacktivist groups taking sides and disseminating attacks. The potential for boycotts and cyber threats against companies associated with geopolitical conflicts poses challenges for businesses operating globally.

6. Global Collaboration Against Cybercrime

The fight against cyber threats will necessitate increased global collaboration. Initiatives like the International Counter Ransomware Initiative conference, where 40 countries pledged to refuse ransom payments, highlight the importance of international cooperation. In 2024, expect to see more concerted efforts to share threat intelligence, harmonise cybersecurity regulations, and collectively combat cybercrime on a global scale.

 

As we transition into 2024, the cybersecurity landscape remains dynamic and unpredictable. Businesses must stay vigilant, adapt to emerging threats, and continuously enhance their cybersecurity posture to safeguard against evolving cyber risks. The trends of 2023 serve as valuable lessons, guiding the way forward in the ongoing battle against cyber threats.

Keep on top of new and emerging trends in 2024 with our Threat Intelligence podcast here, updated weekly with top Tactics, Techniques and Procedures (TTP’s) to look out for.

 
Watch demo video
We’re a tight-knit, highly skilled operation, so when a threat arises, we move quickly.
Talion
Watch demo video
We’re a tight-knit, highly skilled operation, so when a threat arises, we move quickly.
Talion
24x7x365 UK-based Security Operations Centre
Talion
Service underpinned by market leading threat intelligence team
Talion
Continually developed threat relevant content, backed by SLAs
Talion
MDR service has featured in the Gartner Magic Quadrant for 6 consecutive years
Talion
Experts in SIEM and SOAR technology
Talion
UK-based Senior Leadership
Looking to maximise value and flexibility?
Learn how Talion and DEVO partner to achieve this.
Discuss your cyber security needs
Contact us below and one of our team will be in touch to answer your questions.

Call us on 0800 048 5775

Call us directly and we’ll put you in touch with the most relevant cyber expert.

Get In Touch With Us

Not currently free to call? Give us a brief description of what you’re looking for by filling out our form and we’ll email you as soon as we can.