Criminal activities have increased in the first half of the year, with Check Point Research (CPR) reporting an 8% increase in weekly cyberattacks globally in the second quarter, marking the highest number in two years. Familiar threats such as ransomware and hacktivism have evolved, with criminal gangs modifying their methods and tools to infect and influence organizations worldwide. Even old technology like USB storage devices are regaining popularity as a means of distributing malware.
One of the most important developments this year has been the growth of the ransomware landscape. Data obtained from more than 120 ransomware “shaming sites” revealed that in the first half of 2023, a total of 48 ransomware groups reported breaches and publicly extorted more than 2,200 victims. There have been several high-profile incidents this year including the attack on MGM Resorts, which forced major Las Vegas venues to close for several days and could cost millions to fix.
Check Point’s cybersecurity predictions for 2024 generally fall into seven categories: Artificial Intelligence and Machine Learning; GPU farming; Critical infrastructure and supply chain attacks; cyber insurance; National state; weaponized deepfake technology and phishing attacks.
Artificial intelligence and machine learning:
- The rise of AI-driven cyberattacks: Artificial intelligence and machine learning have dominated the cybersecurity conversation. The coming year will see more threat actors adopting AI to accelerate and expand every aspect of their toolkits. Whether it’s to rapidly develop new, more cost-effective malware and ransomware variants, or use deepfake technology to take phishing and impersonation attacks to the next level.
- Fight fire with fire: Just as we have seen cybercriminals exploit the potential of AI and ML, so too have cyber defenders. We’ve seen significant investment in AI for cybersecurity, and that will continue as more and more companies look to protect against advanced threats.
- Regulatory impact: There have been significant steps forward in Europe and the United States to regulate the use of AI. As these plans develop, we will see changes in the way these technologies are used, for both offensive and defensive operations.
“Our dependence on AI for cybersecurity is undeniable, but as AI evolves, so do our adversaries’ strategies. In the year ahead, we must innovate faster than the threats we face to stay one step ahead. Harness the full potential of AI for cybersecurity, with an eye toward responsible and ethical use,” – Sergey Shykevich, Director of the Threat Intelligence group at Check Point Software Technologies.
Hackers will target the cloud to access AI resources – GPU Farming:
- As the popularity of AI continues to soar, the cost of running these massive models is also rising rapidly, potentially reaching tens of millions of dollars. Hackers will see cloud-based AI resources as a lucrative opportunity. They will focus their efforts on setting up GPU farms in the cloud to fund their AI operations. Just as computational cloud resources were the top target of Cryptocurrency Mining a few years ago, 2024 will bring the emergence of GPU Farming as the newest and most sought-after target in the mining space. cloud-based networking.
Supply chain and critical infrastructure attacks:
- Distrust of the supply chain: The increase in cyber attacks on critical infrastructure, especially those with nation-state involvement, will lead to a shift to “models”. Untrusted” requires verification from anyone attempting to connect to the system, regardless of whether they are on or off the network. With governments introducing stricter cybersecurity regulations to protect personal information, it is essential that organizations stay ahead of these new regulatory frameworks.
- Supply chain remains the weak link: The incidence of supply chain related incidents remains a challenge for organizations and the impact can be far-reaching. This will continue to be a trend next year if organizations do not conduct more rigorous evaluation of third-party vendors.
- Strengthen security protocols: Recent breaches highlight the critical importance of stronger security protocols in the supply chain. As cybercriminals target smaller downstream suppliers to reach larger companies, organizations must require assessment and implementation of stricter security protocols to prevent attacks. next job.
- AI in Insurance: Like all industries, AI is set to change the way insurers assess the resilience of online leads. It will also create opportunities for these companies to provide direct cybersecurity services. However, it’s important to note that AI alone cannot solve all cybersecurity challenges, and companies must balance security and convenience.
- A preventative approach to lower insurance premiums: With cyber insurance costs rising and talent shortages, organizations will begin to shift from reactive security to more effective, defensive security. By demonstrating preventative action against cyber attacks, organizations can see their insurance premiums drop.
Attacks by the nation state and hacktivism:
- The enduring power of cyberwarfare: The Russia-Ukraine conflict is a milestone in the case of cyberwarfare carried out by nation-state groups. Geopolitical instability will continue into next year and hacktivist activities will account for a larger proportion of cyber attacks, especially DDoS attacks, whose main purpose is to disrupt and destructive.
- Hiding hidden agendas: While many hacktivist groups use political views as a reason to launch attacks, they may hide ulterior motives. We can see the blurred line between hacktivism and commercialism as threat actors choose ransomware attacks as a revenue source to fund other activities.
Deepfake technology will be weaponized:
- Advances in deepfake technology: Deepfake is often weaponized to create content that influences opinion, changes stock prices, or worse. These tools are available online, and threat actors will continue to use deep fake social engineering attacks to gain permissions and access sensitive data.
Phishing attacks continue to plague businesses:
- Phishing and Legitimate Tools: Software will always be exploitable. However, “logging in” instead of “breaking in” has become much easier for threat actors. Over the years, the industry has built layers of defense to detect and block intrusion attempts aimed at software exploitation. Given the relative success and ease of phishing campaigns, next year will see more attacks stemming from credential theft rather than vulnerability exploitation.
- Enhanced phishing tactics: AI-enhanced phishing tactics could become more personalized and effective, making it harder for individuals to identify malicious intent, leading to an increase in fraud-related violations. Cheat.
Ransomware: Stealth exploits, advanced extortion, and battlefield AI
- Offshore tactics dominate: The adoption of “offshore” techniques, which leverage legitimate system tools to carry out attacks, is expected to increase sharply, especially when agencies like the FBI successfully take down malware networks like Qbot. This more sophisticated approach, which is harder to detect and prevent, highlights the need for sophisticated threat prevention strategies, including Extended Detection and Response (XDR) that can identify threats. Anomalies in device and network behavior.
- Data risks amid ransomware protections: While organizations are increasing their protection against ransomware, data loss or breach incidents are likely to increase . A contributing factor may be the increasing reliance on SaaS platforms to store sensitive data as part of application services, creating new vectors and vulnerabilities through which malicious entities can exploit.
- Ransomware reporting nuances: The observed increase in ransomware attacks will require an informed interpretation, which is likely inflated by reporting regulations New report is established. It is imperative to analyze these statistics with caution, understanding the dynamics of reporting protocols in analyzing the true scope and scale of the threat.
“The use of artificial intelligence by ransomware attackers will become more advanced, requiring organizations to focus not only on preventing attacks but also enhancing response and recovery plans incidents to minimize potential impacts. As attacks become more sophisticated, organizations need to evolve their approach to security to stay ahead of the game.” – said Daniel Wiley, Head of Threat Management and Chief Security Advisor, Infinity Global Services at Check Point Software Technologies.
As cybercriminals continue to develop their methods and tools, organizations need to adapt their cybersecurity measures. In 2023, we have seen several large-scale attacks. In today’s threat landscape, companies must not only prioritize their own security protocols but also scrutinize the security measures of third-party vendors. With the rise of AI-enhanced cyberattacks, zero trust models, and deepfake technology, it is more important than ever to invest in collaborative, comprehensive, and comprehensive cybersecurity solutions. unify. We must remain vigilant and agile in the face of expanding attack trends, and work together to create effective defenses against cyber threats.