In the ever-evolving realm of cybersecurity, 2024 is poised to bring new challenges and threats, as criminal activities continue to surge. Check Point Research (CPR) reported an alarming 8% increase in global weekly cyberattacks during the second quarter of the year, marking the highest volume in two years. Familiar threats such as ransomware and hacktivism have evolved, while even legacy technology like USB storage devices has regained popularity as a vehicle to spread malware. In this article, we delve into the significant developments in the cybersecurity landscape and explore Check Point’s predictions for 2024.
Ransomware Evolution
One of the most notable developments in 2023 was the evolution of ransomware. Data from over 120 ransomware “shame-sites” revealed that, in the first half of the year, 48 ransomware groups breached and extorted over 2,200 victims. High-profile cases like the attack against MGM Resorts, which paralyzed major Las Vegas sites for days, underscore the severity of this threat, with remediation costs projected to run into millions.
Artificial Intelligence and Machine Learning
Artificial intelligence (AI) and machine learning (ML) have taken center stage in cybersecurity. In 2024, we can expect threat actors to adopt AI to accelerate and expand every facet of their toolkit. This includes the cost-efficient development of new malware and ransomware variants and the use of deepfake technologies for phishing and impersonation attacks. AI is the double-edged sword of cybersecurity, offering both offense and defense capabilities.
Cyber defenders have also recognized the potential of AI, leading to significant investments in AI for cybersecurity. As AI technology evolves, the strategies of adversaries are sure to follow. It is imperative to harness the full potential of AI for cybersecurity, with a keen eye on responsible and ethical use.
Regulation will play a pivotal role in the AI landscape. Europe and the US have taken significant steps to regulate AI use. These regulations will influence how these technologies are employed for both offensive and defensive activities.
As Sergey Shykevich, Threat Intelligence Group Manager at Check Point Software Technologies, points out, “Our reliance on AI for cybersecurity is undeniable, but as AI evolves so will the strategies of our adversaries. In the coming year, we must innovate faster than the threats we face to stay one step ahead. Let’s harness the full potential of AI for cybersecurity, with a keen eye on responsible and ethical use.”
Hackers Targeting the Cloud – GPU Farming
As generative AI’s popularity continues to soar, the cost of running massive models rapidly increases, potentially reaching tens of millions of dollars. In 2024, hackers are likely to target cloud-based AI resources, establishing GPU farms in the cloud to fund their AI activities. Just as computational cloud resources were prime targets for crypto mining a few years ago, GPU farming is set to become the latest and most sought-after target in cloud-based cyberattacks.
Supply Chain and Critical Infrastructure Attacks
The increase in cyberattacks on critical infrastructure, often involving nation-state actors, necessitates a shift towards “zero trust” models. This approach requires verification from anyone attempting to connect to a system, regardless of their location within or outside the network. Governments are introducing stricter cybersecurity regulations to protect personal information, pushing organizations to stay ahead of these new legal frameworks.
The supply chain remains a weak link in cybersecurity, with incidents involving the supply chain continuing to challenge organizations. The impact of such incidents can be far-reaching, and unless organizations implement stricter evaluations of third-party suppliers, this trend is expected to persist.
Strengthening security protocols is of paramount importance, as cybercriminals target smaller downline suppliers to access larger companies. Stricter evaluations and implementation of security protocols are essential to prevent further attacks.
Cyber Insurance and AI
AI is set to revolutionize the way insurance companies assess the cyber resilience of prospective customers. It also offers opportunities for these companies to provide cybersecurity services directly. However, it is crucial to understand that AI alone cannot solve all cybersecurity challenges, and companies must balance security with convenience.
With rising cyber insurance costs and talent shortages, organizations are shifting from reactive security to more effective defensive security. Demonstrating preventive action against cyberattacks may lead to reduced premiums, highlighting the need for a proactive approach to cybersecurity.
Nation State Attacks and Hacktivism
The Russo-Ukraine conflict was a significant milestone in the realm of cyber warfare carried out by nation-state groups. Geo-political instability is expected to continue into 2024, with hacktivist activities making up a larger proportion of cyberattacks. DDoS attacks will be a key weapon used to disturb and disrupt.
Hacktivist groups often use political positions as a pretext for launching attacks, but they may have ulterior motives. The lines between hacktivism and commercialism could blur, with threat actors choosing ransomware attacks as a revenue stream to fund other activities.
Weaponized Deepfake Technology
Deepfake technology continues to advance and is often weaponized to create content that can sway opinions, alter stock prices, or gain unauthorized access to sensitive data. Threat actors have easy access to these tools, making deepfake social engineering attacks a significant threat in 2024.
Phishing Attacks Persist
While software exploits have always been exploitable, threat actors increasingly “log in” rather than “break in.” Phishing campaigns have become more successful over the years. In 2024, we can expect more attacks originating from credential theft rather than vulnerability exploitation, further emphasizing the need for robust security measures.
Ransomware: Stealthy Exploits, Enhanced Extortion, and AI Battlefields
The adoption of “living off the land” techniques, which leverage legitimate system tools to execute attacks, is expected to surge. This approach is subtle, making it harder to detect and thwart. It underscores the necessity for sophisticated threat prevention strategies, such as Extended Detection and Response (XDR), which can pinpoint device and network behavior anomalies.
Despite organizations bolstering their defenses against ransomware, incidents of data loss or leakage are likely to increase. The increasing reliance on SaaS platforms to store sensitive data presents new vectors and vulnerabilities that malicious entities can exploit.
It’s crucial to approach ransomware reporting with discernment, as the observed increase in attacks may be inflated due to newly instituted reporting mandates. A careful analysis is required to understand the dynamics of reporting protocols and assess the true scope and scale of the threat.
Conclusion
As cybercriminals continue to adapt their methods and tools, organizations must also adapt their cybersecurity measures. Large-scale attacks in 2023 serve as a stark reminder of the evolving threat landscape. To navigate this landscape effectively, companies must prioritize their security protocols and scrutinize the practices of their third-party suppliers. With the rise of AI-enhanced cyberattacks, the emergence of zero trust models, and the weaponization of deepfake technology, investing in collaborative, comprehensive, and consolidated cybersecurity solutions is more critical than ever. Vigilance and agility are essential to create an effective defense against cyber threats in 2024.