The trends in cybersecurity that will shape 2024 !

• The development of new technologies, the deployment of Artificial Intelligence (AI), the proliferation of ransomware, geopolitical conflicts and the sophistication of attack techniques will be the main issues facing cybersecurity this year.
• The evolution of cyber-attacks will be accompanied by the development of more effective and scalable security solutions for enterprises, based on the application of a security layer in the cloud to prevent attacks.
• Increased investment by enterprises in tools dedicated to automation and response to cyber-attacks, mainly focused on AI and generative AI, is foreseen. Attack surface continues to grow and to grow in a uncontrolled manner. After the shadow IT with Cloud SaaS usages, organizations are now facing shadow AI, with significant potential risks as confidential information is shared with unsecured AI system such as ChatGPT.
• Regulation continues to evolve: NIS 2, Dora, CRA, Tiber-EU, etc. CISO need to face those evolutions and understand their implications.
• Information Technologies (IT) /Operational Technologies (OT) continues to evolve: The cloud revolution is not over! Shift left is the name of the game and this has fundamental cyber implications. OT continues to be more and more based on IT components and more and more connected.

The development of new technologies, the deployment of Artificial Intelligence, the proliferation of hackers and geopolitical conflicts are some of the trends that will shape the cyber threat landscape in 2024. Thales Cyber Threat Intelligence Team has analysed the main predictions for this new year, in which, despite the higher risk given the geopolitical context in which we find ourselves, it also highlights the evolution of cybersecurity solutions as the main tool to stop or mitigate potential damage from cybercriminals. 

Threats associated with the deployment of AI

We are moving towards a future in which AI will be increasingly integrated natively into information systems, which will increase the area exposed to threats and risks from cybercriminals. Moreover, this technology is expected to foster greater sophistication of existing attack vectors. For example, in phishing techniques; a method of deception that is carried out via SMS, emails or phone calls, a more personalised message will be developed through the use of AI, better written and therefore less suspicious and consequently more effective.

The development of AI will also expand the capabilities of experienced cyber attackers, giving rise to a new generation of less experienced actors who have a new resource to exploit attacks and accelerate their development cycles. Thus, by 2024, new research, best practices and technologies will need to be developed to secure this new form of data delivery. 

The impact of geopolitical risks 

The conflict between Russia and Ukraine in 2022 transformed the cybersecurity landscape in Europe and around the world, turning the network into a battlefield in its own right. Given the continuation of the confrontation and adding the Israeli-Palestinian conflict, as well as the activity of Iran - known for its offensive cyber operations - these conflicts will continue to impact cyber in 2024. These risks could spread and affect various sectors and countries. 

Increasingly sophisticated techniques

The tactics employed by cybercriminals are becoming increasingly sophisticated, whether in terms of the evasion methods employed or the types of attack, a trend that is expected to continue in the New Year. Innovation and adaptability have become the strengths of some of the major players, such as Bronze Butler, TA505 Wizard Spider and Turla, enabling them to navigate a constantly changing digital environment. The use of Dynamic Link Libraries (DLLs) for malicious purposes also illustrates this trend. These libraries contain code and data that can be used simultaneously in several programs. DLLs are essential for the proper functioning of the Windows operating system and the programs running on it, and are often the target of sophisticated attacks, enabling long-term offensive operations to be set up by circumventing detection systems.

Ransomware as a business model

Ransomware, or 'data hijacking', a type of malware that restricts access to the infected operating system in order to claim a financial reward, is among the attacks most likely to grow in 2024, given its pervasive ease of spread, the wide variety of infection transmitters available, and, finally, the large number of platforms on the dark web that have made it possible for the cybercrime industry to operate under solid business structures. A clear example of this is Ransomware-as-a-Service (RaaS), where expert attackers offer their services to subscribers, enabling cybercriminals with low technical knowledge to carry out effective and truly damaging attacks. 

Thus, ransomware has become a profitable business for cybercriminals, as well as a global challenge for digital security worldwide. 

The rise of infostealers

An infostealer is a variant of malware that aims to extract sensitive or personal data from a computer system for malicious purposes. These programmes are specifically designed to retrieve sensitive personal information, such as identity documents or bank details. They are criminal groups that operate very silently and have the ability to attack a wide range of data. 

Automation of cyber defence tools

In the face of these developments and with the pace of threats and attack surface increasing, the only way for businesses to improve their cyber security and resilience will be to automate and orchestrate their cyber defence techniques. As such, this New Year will see increased investment in tools dedicated to automating and responding to cyberattacks, with a primary focus on AI and generative AI. Thus, by 2026, organisations with a focus on security and being proactive in this area will experience a 66% reduction in security breaches, according to the analysis firm Gartner. 

The development of new levers of protection for companies 

The evolution of cyber-attacks will be accompanied by the development of more effective and scalable security solutions for companies, as well as a progressive technological awareness of the different categories of cybersecurity solutions. Some of the most effective are SSE (Security Service Edge) and SASE (Secure Access Service Edge) technologies, a security layer that provides protection in distributed environments, which will mark a turning point in threat detection and response.

Increasing visibility on infrastructure assets and potential threats as well as quickly and effectively controlling the area exposed to threats will therefore be a major challenge for enterprises in 2024 and beyond. The cyber security industry will therefore need to provide a response that combines increased visibility of and greater presence across the network, enabling early detection of the first signs of large-scale, protracted attacks. In the face of increasingly sophisticated cyber risks, networked detection and response solutions, increased Cyber Threat Intelligence, enhanced External Attack Surface Management as well as other cyber security services can be expected to gradually establish themselves as an essential pillar of the security strategies put in place by enterprises. 

Stay tuned on the latest cyber attacks : Link cyber threat news