With cybercriminals likely to employ more advanced techniques in 2024, these numbers are only going to increase, and cyber threats will be an even bigger challenge for organisations and their security teams.
Read on for my cybersecurity predictions for 2024, and the trends to keep a close eye on.
1. AI and GenAI-related attacks will rise
I can’t write about cybersecurity predictions without mentioning AI. From malicious AI chatbots and business email compromise (BEC) attacks (as previously discussed here), to new tactics such as deepfake phishing, AI’s role in cybercrime has grown substantially over the past year and will continue to do so in the coming months.
However, AI, or rather one of its subsets, machine learning, can also help fight against these attacks by detecting and responding to cyber threats in real-time, identifying patterns and anomalies in large amounts of data, and enhancing a company’s overall cybersecurity posture. As Bernard Marr, world-renowned futurist, puts it: “if cyberattack and defence in 2024 is a game of chess, then AI is the queen—with the ability to create powerful strategic advantages for whoever plays it best.”
2. Ransomware—we will see more of the same
In 2023, one in every ten organisations worldwide was hit by an attempted ransomware attack according to Check Point’s data intelligence service ThreatCloudAI, a 33% surge from the year before.
These attacks caused significant disruption and financial losses across various industries and diverse organisations including Reddit, Royal Mail and the Greater Manchester police force, to name only a few.
The threat cannot be ignored just because it isn’t new, as attacks are only likely to increase in 2024. Well-known ransomware groups such as BlackCat (ALPHV), LockBit and Cactus have already struck this year. Just last month, energy giant Schneider Electric saw a number of its Sustainability Business division systems taken offline and data accessed.
3. 2024 elections will drive new cybersecurity regulations and more misinformation
From the CCPA and GDRP to DORA, organisations around the world already need to comply with many regulations with cybersecurity implications. 2024 is only going to add to this, with the European Network and Information Systems Directive (NIS2) coming into effect in October. The new regulation requires the introduction of a set of preventative measures including implementing policies on risk analysis and information system security, cyber hygiene practices, cybersecurity training, and multi-factor and continuous authentication solutions.
But there is more. 2024 is also the biggest election year in history. Half of the global population eligible to vote—4.2 billion citizens across 65 countries—will head to the polls. This means that of the 43 countries expected to hold free and fair elections, there is a significant chance that some of them will have a new government in place this year and make cybersecurity a key part of their policy agenda, potentially leading to new regulations and standards.
This won’t be the only effect. As with the US presidential election in 2016, bad actors will spread disinformation and misinformation on a bigger scale this year and with more tools in their arsenal. They will not only use tried-and-tested phishing tactics but also more realistic and effective deepfakes, posing a serious risk to democracy.
4. 2024 might be the year of token-specific attacks
The use of weak and repurposed passwords has been a security issue for years and the cause of many breaches, driving companies to consider alternative methods to provide user access such as token-based authentication. It’s a protocol that uses an access token to verify a user’s identity and give them access to an application, website, or API.
It is a much more secure method for user authentication than password-based systems as tokens are self-contained, and only the server that created them can verify them. They can also be deployed quickly and provide a better user experience. But like everything, there are disadvantages. As it relies on one key only for access, if not properly managed and configured, it could lead to sensitive information being compromised. Tokens also have an expiry date which means they require constant revalidation.
Last year, the OAuth implementation error showed how tokens could be vulnerable, and Chinese hackers took advantage of a token validation issue. Hacking groups are exploiting token weaknesses and could easily make them their next target, especially as more companies turn to them for managing access.
5. The cybersecurity skills gap will continue to widen
According to our recent cybersecurity report, both UK and US enterprises that have reported a decrease in investment, stated talent shortages as the main reason. Recent research by the UK government found over 160,000 cybersecurity job postings in 2023—an increase of 30% from 2022. The skills gap is very real and will only continue to increase unless companies start redirecting organisational resources, developing talent from within and upskilling employees through proper training.