The cybercrime world is a sort of business parallel reality where organized crime groups, with lucrative goals, compete against each other. As a result, it is expected to record a rise in the number of cases where a company becomes a victim of multiple cyberattacks. The commoditization of cybercrime has played a key role, since, currently, it is possible to buy on the dark web from malicious software ready to be used to software vulnerabilities which have just been discovered. This makes it easier and faster to launch cyberattacks.
According to the Cyberthreat Predictions for 2024 report, made by Fortinet, among the companies which are more likely to be attacked we find those that work in the fields of industry, healthcare, finance, energy and transportation, due to their vast social impact. It is also expected that the number of attacks targeting cyber insurance companies will rise, as a result of both their boom and the fact that they are a stopper when it comes to paying extortion fees.
Let’s see what the cybersecurity trends in 2024 are:
APT (Advanced Persistent Threat)
This kind of attack consists in breaking into the system of an organization and remaining there unnoticed for a long period of time. This allows the attacker to constantly steal information or to prepare a more striking attack. Until now, big corporations had been the main targets; however, there is a growing trend towards attacking smaller companies integrated in the supply chain of the organization targeted, since they usually have less security measures. This is why every business, no matter its size, must implement security measures that guarantee not only the protection of the information but also the business continuity.
Artificial intelligence (AI)
For a few months, people talk about how artificial intelligence is going to make our life easier by allowing the optimization of processes, but it equally makes it easier for cybercriminals. This is why it is expected that the use of this technology will reduce the amount of time needed to compromise an organization or that it will be used to generate fake audios or videos which will be used to do impersonations. On the other hand, these technologies are susceptible to manipulation and we must take into account that the information introduced in AI-based systems feeds their database and this information can be revealed to other users, which can lead to a data leak. It is also important to be aware of the fact that the information provided by artificial intelligence is not always accurate. Due to the reasons provided, we must be very careful with the technologies introduced in our organizations.
Credential-based attacks
There are things that never change and credential theft is still one of cybercriminals’ main objectives, since they are the access key to a corporate network. As a result, a rise in the number of attacks related to credential theft and login breaches is expected. AI can also play a key role in this field due to its capability to identify patterns, which can make it faster to break a password. That is why implementing multi-factor authentication, particularly that which involves biometric factors, becomes essential to every business.
Ransomware and other extortions
When it comes to attacks related to extortion, ransomware continues in the top positions. This kind of malicious software, that spreads rapidly in the corporate network, encrypts the information stored in the devices. After that, it demands the payment of a ransom to decrypt it. Even if it is expected that ransomware attacks continue leading the list of business extortion methods, a rise in the number of extortions related to denegation of service attacks is also expected.
The human factor
Since technical based security measures make it more difficult for attackers to break into a corporate network from outside the organization, cybercrime groups are turning the spotlight on employees, looking for intern access to the corporate network. According to the World Economic Forum, approximately 95% of cyberattacks suffered by companies were caused by a human mistake. Therefore, training employees in the main techniques to identify and stop cyberattacks must constitute a priority for every company that is truly concerned about security.
Cookie settings
