2024 Cybersecurity Predictions: RaaS Attacks, Hackers Using AI
Experts say 2024 will be a busy year for cybercriminals. Here's what to watch for to help your customers avoid disaster.
![Cybersecurity predictions for 2024 Cybersecurity predictions for 2024](https://eu-images.contentstack.com/v3/assets/blt10e444bce2d36aa8/blt9b063cc51fa7b90f/6581d52e2fc999040a91ef6e/Cybersecurity_in_2024.jpg?width=700&auto=webp&quality=80&disable=upscale)
Maxx-Studio/Shutterstock
Cybercriminals increasingly are targeting digital supply chain vendors, with a heightened focus on security and identity providers, said Patrick Joyce, Proofpoint’s resident CISO. Aggressive social engineering tactics, including phishing campaigns, are becoming more prevalent.
“The Scattered Spider group, responsible for ransomware attacks on Las Vegas casinos, showcases the sophistication of these tactics,” he said. “Phishing help desk employees for login credentials and bypassing multifactor authentication (MFA) through phishing one-time password (OTP) codes are becoming standard practices. These tactics have extended to supply chain attacks, compromising identity provider (IDP) vendors to access valuable customer information. The forecast for 2024 includes the replication and widespread adoption of such aggressive social engineering tactics, broadening the scope of initial compromise attempts beyond the traditional edge device and file transfer appliances.”
A notable trend for 2023 was the dramatic increase in mobile device phishing and Joyce expects this threat to rise even more in 2024.
“Threat actors are strategically redirecting victims to mobile interactions, exploiting the vulnerabilities inherent in mobile platforms,” he said. “Conversational abuse, including conversational smishing, has experienced exponential growth. Multi-touch campaigns aim to lure users away from desktops to mobile devices, utilizing tactics like QR codes and fraudulent voice calls. This not only makes phishing attacks more effective on mobile devices but also complicates detection for corporate security teams.”
Identity-based attacks will dominate breaches, exploiting vulnerabilities rooted in human behavior and obscured by limited visibility, Joyce said. The conventional belief in cyber attackers relying on common vulnerabilities and exposures (CVEs) is losing relevance. Instead, identity is the new vulnerability. Organizations must shift their focus from primarily fortifying infrastructure to securing stored credentials, session cookies, access keys and addressing misconfigurations, especially when it comes to privileged accounts. The human link in the attack chain demands swift and innovative defenses.
In 2024, cybercriminals will continue exploiting modern SaaS apps, concealing malicious payloads in the cloud and leveraging security gaps for their nefarious objectives, said Tal Zamir, CTO of Perception Point. Recent incidents, such as TeamsPhisher, underscore the significance of SaaS applications as unsuspecting accomplices in cyberattacks. Organizations must fortify their defenses, recognizing the potential for SaaS apps to serve as powerful new attack vectors.
The new year will prompt an even greater trend toward consolidation of security tools and capabilities, as well as a move of medium and small business to a services-based approach, said Raffael Marty, ConnectWise’s executive vice president and general manager of cybersecurity.
“MSPs will play an ever more important role in that value chain, helping deliver security services to these market segments,” he said. “These SMBs won’t be able to find the right talent (and keep it) to build out their own in-house services. Nor will it make financial sense for them to do so given the ever changing complexities of the threat and technology landscape. Scale will come from the MSP space, as well as from the vendors that supply the MSPs.”
While QR codes, which provide a convenient way to follow a link with a device such as a mobile phone, have been around for decades, mainstream usage has exploded in recent years. WatchGuard Threat Lab analysts expect to see a major, headline-stealing hack in 2024 caused by an employee following a QR code to a malicious destination.
Geopolitical developments make it likely that we will see even more attacks from nation-states in 2024, with China and Russia leading the pack, and North Korea and Iran following, said Kurt Thomas, Fortra’s technical product manager for Powertech solutions. These attacks will seek to: disrupt, or prepare to disrupt, the confidentiality, integrity and availability of data and services in critical infrastructure such as utilities, shipping and financial institutions; steal sensitive personally identifiable data from wherever it is maintained, including the military and intelligence services and health organizations; undermine the public's trust in institutions; and in the case of North Korea, to procure money for the cash-starved regime.
Both 2016 and 2020 saw impressive increases in attempts to influence voters through crafty propaganda and social media campaigns run by bots and expert social engineers, along with attempts to influence the vote itself through abuse of related technologies, said Ryan Maltzen, cybersecurity architect at Fortra.
“In past elections, this was more largely a manual process than we should expect with the rise of generative AI and other tools that seem well-positioned to have impacts in this space,” he said. “Whomever can best develop technologies to bring some level of truth, identification or attribution to these less scrupulous uses of tech will be a disruptor, and will be doing the world a favor by helping get one step ahead of this in some fashion.”
Experts at NordVPN looked into the biggest forum on the dark web to predict 2024 cybersecurity risks. Every tenth post on the forum was about learning how to execute some kind of attack. Among the most commented threads were: “how to dox,” “list of useful resources for pentesters and hackers," ”how to hack WhatsApp of your friend by sending a single ink,” “how to instantly crack TikTok accounts easily,” “Wi-Fi hacking course” and others. This means that hackers are sharing their knowledge and we can expect the number of amateur hackers to rise together with the number of attacks they execute. So users should be even more serious about their cybersecurity education and keep themselves updated about the latest attacks.
NordVPN researchers found that around 55% of dark web forum discussion threads were around leaked customer data, such as social media credentials, driver licenses, addresses, emails and other bits of personal information. This means that hackers are still after vulnerable personal data and no user is safe from hacking.
NordVPN researchers found that around 55% of dark web forum discussion threads were around leaked customer data, such as social media credentials, driver licenses, addresses, emails and other bits of personal information. This means that hackers are still after vulnerable personal data and no user is safe from hacking.
A continuing surge in ransomware-as-a-service (RaaS) attacks and increasing use of artificial intelligence (AI) by cybercriminals are among cybersecurity predictions for 2024.
Cybercriminals have been especially brazen this year, with MOVEit transfer hacks impacting more than 2,660 organizations, according to Emsisoft, and a ransomware attack on MGM Resorts that impacted numerous hotels and casinos on the Las Vegas Strip.
Expect 2024 to be just as challenging, if not more, for cyber defenders.
Anyone Can Be a Hacker
“The rise of RaaS has fundamentally transformed the landscape of cyber crime,” said Patrick Beggs, ConnectWise’s CISO. “Cybercriminals no longer need to possess advanced coding skills; instead, they can simply rent ransomware tools and infrastructure from underground marketplaces, democratizing the capability to launch devastating attacks. This development has led to a surge in the frequency and scale of ransomware incidents, as individuals with varying levels of technical expertise can now participate, significantly expanding the pool of potential threat actors.”
![ConnectWise's Patrick Beggs ConnectWise's Patrick Beggs](https://eu-images.contentstack.com/v3/assets/blt10e444bce2d36aa8/blt25e8050da777ec7c/6523f6bef72fd58b241c4147/Beggs-Patrick_ConnectWise-web-size.jpg?width=700&auto=webp&quality=80&disable=upscale)
ConnectWise's Patrick Beggs
In addition, the integration of AI in cyber threats marks a paradigm shift in the capabilities of malicious actors, he said.
“Cybercriminals are increasingly leveraging AI to enhance the sophistication and efficiency of their attacks,” Beggs said. “AI-powered tools can automate various stages of a cyberattack, from reconnaissance to exploitation and evasion, enabling attackers to adapt and learn from their targets in real-time.”
See our slideshow above for the threats experts say channel partners should keep apprised of in 2024 so they can help their customers avoid a cyber disaster.
About the Author(s)
You May Also Like