Cybercriminals are turning to new techniques, tools and software to launch attacks and create greater damage. As a result, the 2023 Cybersecurity Ventures Cybercrime Report predicts a rapid increase in damage costs associated with cybercrime — projected to cost $10.5 trillion globally in damages by the end of 2024. The report lists the cost of data breaches, stolen funds, intellectual property theft, operational disruptions and post-attack recovery as the main expenses for organizations under this trend.

On the other hand, Google’s Cloud Cybersecurity Forecast 2024 report highlights the increased use of AI to scale malicious operations, nation-state-supported cybercriminal gangs, zero-day vulnerabilities and modern phishing as main attack vectors for the coming year.

To stay ahead of the curve, IT and security leaders should focus on layered security solutions and zero trust to keep their companies’ data safe from top cybersecurity threats like ransomware and phishing.

1. Ransomware

Ransomware — the breaching of business-critical systems and assets with the goal of encrypting them and holding them for ransom — will continue to plague organizations across all sectors in 2024. New and established cybercriminal groups will leverage ransomware as a service, making it easier than ever to launch sophisticated attacks. They will also employ evolving extortion tactics like double and triple extortion, pressuring victims through data leaks.

As proven by the November 2023 ransomware attack on MeridianLink by the ALPHV/BlackCat ransomware group, ransomware gangs are also willing to manipulate regulations. In that attack, BlackCat reported its own crime to put pressure on MeridianLink, leveraging the new U.S. Securities and Exchange Commission law.

Healthcare, government and critical infrastructure will be particularly targeted by ransomware. Organizations must prioritize ransomware defense by updating systems, implementing robust backups, training employees and considering cyber insurance. More importantly, companies must ensure their security teams and experts have all the resources they need and are not working under unsustainable pressure.

2. OT-IT security

The convergence of operational technology and information technology in critical infrastructures, industrial facilities, public service providers and manufacturing plants is creating new vulnerabilities and attack opportunities for cybercriminals. Attacks on OT infrastructures via IT-compromised systems can disrupt operations, cause physical damage and risk public safety.

Notable 2023 OT-IT attacks include the late November ransomware attack on Ardent Health Services, which diverted ambulances and affected health emergency services across multiple U.S. states, and the attack on a water system in western Pennsylvania — claimed by an anti-Israeli Iranian cybercriminal group.

Organizations operating OT-IT systems must modernize legacy technology, deploy layered security, segment IT and OT networks, and implement robust access controls to prevent attacks.

3. Dark Web

The Dark Web, a hidden portion of the internet accessible only through specialized software and configurations, is a breeding ground for illegal activities. New trends on the dark web include the rise of organized criminal activity, characterized by the availability of:

  • No-code malware, which requires minimal technical expertise to use.
  • Plug-and-play kits, which are pre-configured tools for launching cyberattacks.
  • Dedicated customer support.

Additionally, fileless attacks, where attackers use stolen credentials purchased on the Dark Web to gain access to systems without leaving behind traditional malware traces, are one of the biggest trends to look out for. And zero-day brokers — cybercrime groups selling zero-day exploits on the Dark Web to multiple buyers — are becoming increasingly prevalent.

In light of these evolving threats, it is crucial for organizations to consider actively monitoring the Dark Web through professional services. This proactive approach can provide valuable insights to help organizations mitigate the great number of different threats that come directly from the Dark Web.

4. Malware as a service and hackers-for-hire

The MaaS landscape has seen a dramatic increase in the availability of platforms and tools that broaden the range of accessible malware and attack functionalities. MaaS user interfaces have also become more intuitive, incorporating tutorials and simplified processes, and more diversified. They now cater to various budgets and needs, which further lowers the barrier to entry, while automation features have become increasingly prevalent.

Meanwhile, hackers-for-hire have become the norm, going beyond even the trend of lowering the technical barriers to launching cyberattacks. This democratization of cybercrime is predicted to fuel a surge in both the number and sophistication of attacks in 2024. According to a Kaspersky report, 2024 will see more groups offering hack-for-hire services.

To navigate this evolving threat landscape, organizations must prioritize implementing strong layered security solutions capable of detecting and blocking malicious software before it can take root. By equipping employees with knowledge about MaaS and hackers-for-hire threats and social engineering tactics used to distribute malware, organizations can build a more resilient workforce. Regular data backups and encryption, coupled with a zero-trust security model, further bolster defenses by minimizing potential data loss and ensuring stringent access controls.

5. Modern phishing

Phishing attacks, which leverage social engineering techniques and personalized messages to trick victims into revealing sensitive information, downloading malicious files or clicking on malicious links, are evolving.

Traditional methods like mass-mailed generic messages are giving way to personalized and highly realistic attacks. Criminals use AI to automate campaigns and personalize messages with targeted details, generate convincing content like deep fakes and even automatically learn from successes.

To stay ahead, organizations must invest in tools that can detect AI-generated content, educate employees about these evolving threats, and run phishing simulations to identify the weak points in their organizations and secure workplaces.

6. IoT and Industrial IoT

IoT and Industrial IoT devices, with their growing ubiquity and often limited security, present an increasingly attractive target for cybercriminals. In 2023, attacks on IIoT devices saw a significant rise, with attackers leveraging vulnerabilities to launch distributed denial-of-service attacks, steal data and disrupt operations. These attacks evolved to include new techniques like exploiting supply chain vulnerabilities and compromising firmware updates, highlighting the need for enhanced security measures.

To protect against these evolving threats in 2024, organizations must prioritize robust security practices throughout the entire IoT ecosystem. This includes implementing secure coding practices, regularly updating software and firmware, utilizing strong authentication protocols, and monitoring networks for suspicious activity.

Additionally, organizations need to consider adopting zero-trust security models and implementing segmentation strategies to isolate compromised devices and minimize attack impact.

7. State-sponsored attacks

Nation-state actors are increasingly using cyberattacks to achieve their political and strategic goals. These attacks can target critical infrastructure, steal sensitive information and disrupt essential services. 2023 saw an escalation of nation-state-supported cybercriminal activity linked to North Korea, which is seeking new mechanisms to fund weapon and government programs and navigate international sanctions, and to Russia, with hackers supporting the invasion of Ukraine and taking cyber warfare to international levels.

Building strong relationships with government and law enforcement agencies and reporting security incidents is fundamental for organizations to mitigate state-backed threats.

2024 demands a proactive approach to thwarting state-sponsored attacks. Organizations need multilayered defenses, including sophisticated cybersecurity solutions, threat intelligence monitoring and robust incident response plans. By prioritizing comprehensive defense strategies and collaborating across sectors, organizations can better protect themselves from the evolving tactics of nation-state actors.

Staying vigilant in the evolving threat landscape

The cybersecurity landscape is constantly evolving, and threats are becoming more sophisticated. To mitigate modern cybersecurity and compliance threats, organizations must combine state-of-the-art technologies operating under holistic cybersecurity programs.

Strategies like zero-trust models are essential to strengthening companies’ security postures as they adapt efficiently and proactively to cybersecurity threats.

By staying vigilant and adapting to the changing threat landscape, organizations can protect themselves from cyberattacks and ensure the security of their data and systems.

Culled from TechRepublic