The year 2023 brought about significant shifts and trends in cyber threats – the weaponization of AI, geopolitical cyber attacks, and more. As we look forward to 2024, the cyber landscape appears to be even more challenging.
With the holiday season in full swing, tune into the 12 key cyber areas to reflect on leading up to Christmas – looking closely at 2023’s trends and exploring the outlook for the upcoming year. All fuelled by research from our dedicated Threat Intelligence team.
The interconnected nature of vulnerabilities came to the forefront in 2023, exemplified by the 4 Juniper flaws. Although individually rated low by the Common Vulnerability Scoring System (CVSS), when chained together post Proof of Concept (PoC) publication, they resulted in Remote Code Execution (RCE). This trend emphasises the importance of addressing vulnerabilities comprehensively and understanding the potential impact of their combination.
A concerning trend emerged as new ransomware groups proliferated, building their strains from previously leaked source code. This ease of entry into the ransomware arena facilitated the rapid formation of these groups, posing a significant challenge for cybersecurity professionals. The use of recycled code implies a need for enhanced security measures to combat both new and adapted threats.
As artificial intelligence (AI) gained prominence, so did the demand for AI ‘jailbreaks’ by adversaries. Tools like WormGPT surfaced on the dark web, capable of manipulating AI models to generate malicious output. This trend raises concerns about the potential misuse of AI for creating malware, phishing templates, and other harmful content, showcasing the ethical dilemmas associated with advanced technology.
Hear from Mitch Mellard, Threat Intelligence Consultant at Talion, as he took the virtual stage to share his thoughts on AI as part of DEVO’s SOC Appreciation Day.
Ransomware groups adopted shock tactics, targeting healthcare providers and escalating their extortion methods. Instances of posting shocking documents on leak sites, such as patient surgery photos, became more prevalent. This shift in strategy reflects the adaptability of cybercriminals to changing circumstances, emphasising the importance of robust cybersecurity measures, particularly in critical sectors like healthcare.
Hacktivism took center stage in conflicts, with Russian groups causing major disruptions. This trend quickly extended to conflicts like Hamas/Israel, where hacktivist groups multiplied rapidly. The intertwining of cyber warfare with geopolitical conflicts highlights the need for companies to anticipate and mitigate the impact of such activities.
The focus of cyber attacks shifted in accordance with political decisions, notably in the Russia/Ukraine conflict. The renewed effort by Russia to target American businesses underscored the geopolitical underpinnings of cyber threats. Cybersecurity strategies must adapt to the dynamic nature of geopolitical events, ensuring companies remain resilient in the face of evolving threats.
The ease of conducting sophisticated attacks has empowered individuals lacking in-depth knowledge, leading to the emergence of new ransomware groups. In 2024, the focus appears to be on small to medium-sized businesses, possibly due to a cautious approach or inexperience. The success of these attacks is exacerbated by the financial constraints that prevent smaller entities from implementing robust security defenses.
As initiatives against paying ransom demands gain momentum, ransomware groups are likely to become more aggressive, personal, and destructive. Critical businesses, including those in healthcare, finance, transportation, and utilities, may become primary targets. 2024 is poised to witness a shift in focus towards high-profile targets in a “go big or go home” approach.
The impact of a recession and improved company security measures may lead to an uptick in insider threats. Layoffs and financial struggles could make insiders susceptible to financial incentives, offering attackers alternative avenues to infiltrate networks. Businesses need to address this evolving threat landscape through a combination of technological and human-centric security measures.
The success of supply chain attacks, exemplified by the MOVEit breach, is likely to inspire more groups in 2024. With businesses expanding their technology portfolios, the number of vulnerabilities and potential victim businesses is set to increase. The dark web marketplace may witness a surge in zero-day brokers selling exploits, posing a significant challenge to cybersecurity professionals.
The intersection of geopolitics and cyber warfare continues to shape the threat landscape. Following the stages observed in the Russia/Ukraine conflict, the Hamas/Israel conflict is witnessing hacktivist groups taking sides and disseminating attacks. The potential for boycotts and cyber threats against companies associated with geopolitical conflicts poses challenges for businesses operating globally.
The fight against cyber threats will necessitate increased global collaboration. Initiatives like the International Counter Ransomware Initiative conference, where 40 countries pledged to refuse ransom payments, highlight the importance of international cooperation. In 2024, expect to see more concerted efforts to share threat intelligence, harmonise cybersecurity regulations, and collectively combat cybercrime on a global scale.
As we transition into 2024, the cybersecurity landscape remains dynamic and unpredictable. Businesses must stay vigilant, adapt to emerging threats, and continuously enhance their cybersecurity posture to safeguard against evolving cyber risks. The trends of 2023 serve as valuable lessons, guiding the way forward in the ongoing battle against cyber threats.
Keep on top of new and emerging trends in 2024 with our Threat Intelligence podcast here, updated weekly with top Tactics, Techniques and Procedures (TTP’s) to look out for.
Call us directly and we’ll put you in touch with the most relevant cyber expert.
Not currently free to call? Give us a brief description of what you’re looking for by filling out our form and we’ll email you as soon as we can.
Thought-provoking cyber security discussion at Michelin-star restaurants across the UK.
