Fortinet announces its 2024 cyber threat predictions. In the 2024 Threat Predictions Report (PDF), the FortiGuard Labs research team is setting its sights on a new era of advanced cyber threats. It examines how AI is changing the (attack) game, pointing to new cyber threats that we should be wary of in 2024 and beyond. It also provides advice on ways global organizations can join forces to protect against the ever-changing threat landscape.
One of the conclusions drawn by the research team is that the rapid rise of Cybercrime-as-a-Service (CaaS) and generative AI offer cybercriminals more opportunities than ever. Thanks to CaaS and AI applications, they can carry out cyber attacks with the greatest of ease. AI offers cybercriminals an easy way to power or support the different stages of their attacks. This can include anything; preventing the detection of social engineering to imitating human behavior.
FortiGuard Lab also reports that cybercriminals’ well-known and favorite attack tactics are far from over. On the contrary: they are further developed as soon as cyber criminals gain access to new digital tools. More intensive activity is therefore expected from a growing number of advanced persistent threat (APT) groups. In addition, cyber criminals will introduce more variety into their targets and scripts. They will launch massively sophisticated and disruptive cyber attacks with a focus on denial of service and extortion techniques.
New threat trends for 2024
Cybercriminals will always rely on proven tactics to make a quick buck. The only difference now is that they have more and more tools at their disposal to carry out cyber attacks. It is therefore expected that we will see several new trends in the field of cybercrime in the coming years. Below are the expectations for the upcoming period:
1. Cybercriminals start recruiting
Many organizations rely on new technologies and processes to strengthen their security mechanisms. This makes it more difficult for cybercriminals to penetrate networks from outside. They are therefore forced to find new ways to achieve their goals. The prediction is therefore that cyber criminals will start recruiting people within organizations who can open a door in the corporate network for them.
2. Cybercriminals go for the big money
The number of ransomware attacks has grown rapidly in recent years. Organizations of all sizes and in every sector are a target. But as more and more cybercriminals turn to these lucrative tactics, the supply of easy prey is quickly running out. It is therefore expected that they will adopt a ‘go for gold’ approach by focusing on vital sectors such as healthcare, financial services, transport and energy and water supply. If vital infrastructures are hacked, this has a particularly negative impact on society. This means that cybercriminals can earn more from their extortion techniques. They will expand their scripts to give the attacks a more personal, aggressive and destructive character.
3. Attacks around special events
It is also expected that in 2024 cyber criminals will try to profit from the increasing number of geopolitical conflicts and special events such as the American elections and the Olympic Games in Paris. But that will also be the case with the introduction of a new series or a certain holiday. It’s true that cybercriminals have always targeted these types of events. We have seen that in the past. The only difference now is that they have new tools (and generative AI in particular) to carry out attacks.
4. Zero day attacks will be the order of the day
Organizations use an increasing number of different platforms, applications and technologies for their daily business operations. This offers cybercriminals new opportunities to abuse security holes in software. In 2023 there was one record number zero day vulnerabilities and new common vulnerabilities & exposures (CVEs), and the counter is still counting. Zero day vulnerabilities are a godsend for cybercriminals. Our expectation is that zero day brokers will join the CaaS community. We are talking about criminal gangs that offer zero-day vulnerabilities to various buyers on the dark web. N-days will also pose significant risks to organizations.
5. Narrowing the playing field for cybercriminals
Cybercriminals will inevitably continue to expand their arsenal of tactics, techniques and procedures (TTPs). However, security professionals can gain an edge over them by finding ways to thwart their malicious activities. While the bulk of security professionals’ daily work involves detecting signs of cyberattacks and blocking them, it’s definitely worth taking a closer look at the most commonly used TTPs used by cybercriminals. This will help narrow their playing field and cut them off.
6. Room for more 5G attacks
Cybercriminals are gaining access to an increasingly wide range of connected technologies. They will therefore inevitably see new opportunities to hack or infect systems with malware. As new devices are connected to the internet every day, we expect cybercriminals to launch more frequent attacks on 5G infrastructures in the future. This means they can quickly disrupt vital sectors such as the oil and natural gas industry, transportation sector, public safety, financial services and healthcare.
No one is safe anymore
Nowadays, nothing or no one is safe from cybercriminals, and a successful attack often has far-reaching consequences. However, security professionals can take several measures to anticipate and thwart malicious activity. This is possible, among other things, through collaboration between the public and private sectors, threat information and the use of standardized metrics for reporting on security incidents.
Companies can play a key role in thwarting cybercriminals. The first step is to make it clear that everyone within the organization is responsible for IT security. It is possible to create a culture of cyber resilience with initiatives such as company-wide security awareness training and tabletop exercises for managers that clarify their roles and responsibilities during a security incident. Tapping into new pools of security talent can provide relief for overworked IT and security teams facing a growing number of cyber threats. Furthermore, sharing threat information will only become more important in the future, because it enables the rapid mobilization of security personnel and deployment of security measures.