Threat Intelligence Update: Dangerous Trends to Monitor in 2024 - Talion

In 2023, the digital threat landscape witnessed a significant surge in cyber threats, particularly ransomware attacks.

According to ThreatLabz research, there was a 37% increase in ransomware incidents, with the average ransom demand in enterprise attacks reaching a staggering $5.3 million, and average payments exceeding $100,000. This rise in ransomware activity was further fueled by the emergence of Ransomware-as-a-Service (RaaS), a model enabling the sale or lease of ransomware services on the dark web, exemplified by the rise of the ALPHV BlackCat group. This group has been linked to multiple high-profile attacks, highlighting an unsettling trend in the cybercriminal world​​.

Additionally, the largest data theft incident in 2023 involved Clop ransomware’s zero-day attack on the file transfer tool MOVEit, impacting over 83 million individuals and nearly 3,000 organizations. This attack underlined the persistent vulnerability of supply chains in enterprise security​​.

As we turn our attention to 2024, several key cybersecurity concerns need to be at the forefront for executives:

Escalating Ransomware Threats

Ransomware remains a dominant threat, with a marked rise in Ransomware-as-a-Service (RaaS). This business model, where ransomware tools are sold or leased on the dark web, empowers even less-skilled attackers to launch sophisticated attacks. Notably, the ALPHV BlackCat group has become a significant player in this space. Their high-profile attacks against casinos are a stark reminder of the evolving nature and sophistication of ransomware threats. The shift towards encryption-less extortion attacks further complicates this landscape, enabling attackers to exfiltrate data quietly before making ransom demands..

Advanced Social Engineering Tactics

Social engineering attacks have reached new heights of sophistication, with AI playing a crucial role. Tactics like phishing, smishing, and vishing are becoming increasingly personalized and convincing, leveraging AI to automate and refine attack strategies. The use of voice communications in vishing, exemplified by the activities of groups like ScatteredSpider in the gaming industry, demonstrates the evolving nature of these threats.

The Inadequacy of Traditional Security Measures

Traditional security architectures, including VPNs and firewalls, are proving insufficient against current threats. The increase in VPN vulnerabilities and related attacks highlights the need for a paradigm shift towards zero trust architecture. This approach, which assumes no inherent trust in any user or device, is becoming critical for modern cybersecurity strategies.

Targeting of Enterprise Tools

There’s an alarming trend of cyberattacks targeting core enterprise tools, underlining the vulnerability of the digital supply chain. These attacks, motivated by financial gains, credential theft, or geopolitical interests, emphasize the necessity for robust third-party risk management and extended cybersecurity protocols beyond organizational boundaries

State-Sponsored and Hacktivist Activities

The intersection of global politics and cybersecurity is more pronounced than ever. With the 2024 U.S. Presidential elections on the horizon, we anticipate a surge in hacktivism and state-sponsored cyberattacks. These actors aim to influence public opinion or achieve strategic goals, often targeting critical infrastructure and sensitive data


The cybersecurity landscape in 2024 demands a proactive and dynamic approach. As leaders in IT security, we must prioritize continuous employee training, especially regarding social engineering and AI-specific threats. Implementing robust layered security solutions, embracing zero-trust models, and investing in AI-driven cybersecurity tools are essential steps. Additionally, close collaboration with government and law enforcement agencies will be crucial in mitigating the sophisticated tactics of nation-state actors and hacktivists.

By staying vigilant and adapting swiftly to these challenges, we can better protect our organizations from the evolving cyber threats of 2024.

Watch demo video
We’re a tight-knit, highly skilled operation, so when a threat arises, we move quickly.
Watch demo video
We’re a tight-knit, highly skilled operation, so when a threat arises, we move quickly.
24x7x365 UK-based Security Operations Centre
Service underpinned by market leading threat intelligence team
Continually developed threat relevant content, backed by SLAs
MDR service has featured in the Gartner Magic Quadrant for 6 consecutive years
Experts in SIEM and SOAR technology
UK-based Senior Leadership
Looking to maximise value and flexibility?
Learn how Talion and DEVO partner to achieve this.
Discuss your cyber security needs
Contact us below and one of our team will be in touch to answer your questions.

Call us on 0800 048 5775

Call us directly and we’ll put you in touch with the most relevant cyber expert.

Get In Touch With Us

Not currently free to call? Give us a brief description of what you’re looking for by filling out our form and we’ll email you as soon as we can.

CISO Cyber Dinner – Register Your Interest!

Thought-provoking cyber security discussion at Michelin-star restaurants across the UK.