Following an 8% increase in global weekly cyberattacks in the first half of 2023, marking the highest volume in two years, cybersecurity solutions provider Check Point Software has projected the key cyberthreats for 2024. Alarmingly, these threats include the continuation and evolution of ransomware attacks, the application of artificial intelligence (AI) and machine learning (ML) technologies by cybercriminals, and the rise in state-sponsored hacktivism - all posing significant dangers to organisations.
Last year witnessed high-profile cases such as the attack against MGM Resorts which forced a shutdown of major Las Vegas sites for days and likely to cost millions in remediation. Alongside such incidents, evidence collected from over 120 ransomware "shame-sites" revealed that in the first half of 2023, 48 ransomware groups claimed to have breached and publicly extorted over 2,200 victims.
Check Point’s cybersecurity forecasts for 2024 fall into seven key categories. These include the increasing use of AI and ML, threats to supply chains and critical infrastructure, cyber insurance trends, nation state hacking, the weaponisation of deepfake technology, an uptick in phishing attacks, and the continued prevalence of ransomware.
Rise in AI-aided cyberattacks is expected to be a leading issue. Cybercriminals are predicted to adopt AI to expand all aspects of their attack strategies, from rapidly developing new malware and ransomware variants to applying deepfake technologies to phishing and impersonation attacks. Sergey Shykevich, Threat Intelligence Group Manager at Check Point Software Technologies, emphasises, "Our reliance on AI for cybersecurity is undeniable, but as AI evolves so will the strategies of our adversaries. Let's harness the full potential of AI for cybersecurity, with a keen eye on responsible and ethical use."
Attacks on supply chains and critical infrastructures can have far-reaching consequences, particularly when nation-states are involved. This reflects recent breaches highlighting the increasing necessity of stronger security protocols in the supply chain. Alongside this, growing incidents of cyber warfare and hacktivism are predicted, with threat actors potentially hiding their true commercial motives behind more recognisable political positions.
Technological advances pose yet another threat as deepfake technology will continue to be used by threat actors to gain permissions or influence opinions like swaying stock prices, while phishing attacks and ransomware will persist as significant challenges. Advanced phishing tactics might become more personalised due to AI enhancements, making it even more challenging for individuals to recognise malicious intent.
As Daniel Wiley, Head of Threat Management and Chief Security Advisor, Infinity Global Services at Check Point Software Technologies observes, "The use of artificial intelligence by ransomware attackers will become more advanced, requiring organisations to not only focus on preventing attacks, but also enhancing their incident response and recovery plans to mitigate the potential impact. As attacks become more sophisticated, organisations need to evolve their approach to security."
This ongoing evolution of cyber-attack methods underlines the need for organisations to constantly update and enhance their cybersecurity measures. To ensure protection in the face of expanding attack vectors, it is crucial to invest in collaborative, comprehensive, and consolidated cybersecurity solutions that can adapt to ever-changing cyberthreat landscapes.