Over the last few years, the number and severity of cyberattacks against organizations have significantly increased. These attacks come in various forms, including ransomware, distributed denial-of-service (DDoS), data breaches, insider threats and many more.
Despite the best efforts of many cybersecurity professionals to minimize these threats, it appears there will be no decrease in the threat level in 2024. As a result, cybersecurity teams are under immense pressure to reduce the risk to their organizations. They need to focus on identifying and mitigating the most significant threats that will likely occur in 2024 and in the future.
To help organizations better understand how to minimize risk, we've published a white paper highlighting key trends and actionable strategies. Download our free "Unlock Exclusive Insights: The State of Cybersecurity in 2024" white paper here.
In addition to the general trends discussed in the Cybersecurity Outlook for 2023, we wanted to ask: what do industry analysts consider the most significant cybersecurity threats for 2024 and beyond? Based on recent publications and industry discussions, the list below highlights common threats your organization could face in 2024.
It’s important to note that this list is not exhaustive, and you should protect your systems and networks from other threats, including unknown and emerging threats that are likely to occur.
To emphasize the point about emerging threats, here is some data on the number of Common Vulnerabilities and Exposures (CVEs) that the National Institute of Standards and Technology (NIST) published in 2023. Note that CVEs get graded on a 10-point scale. Many CVEs rated 9+ on the scale can allow cybercriminals to gain unauthorized access to a network via remotely mounted intrusion attacks or code execution.
As of November 2023, the total number of CVEs published in 2023 was 25,600, of which 4,467 were rated at a severity of 9 or above. This number has grown exponentially year-over-year. The steady increase is likely from improved reporting capabilities by cybersecurity teams who are pinpointing vulnerabilities on an expanding attack surface.
The trend towards hybrid work environments has accelerated the decline of the traditional network border. With a growing number of people working remotely, the increase in connected devices, the adoption of cloud-based services and the complexity of supply chains, securing your network with conventional approaches, like firewalls and intrusion-detection technologies, is no longer effective.
As a result, the concept of zero-trust has become more prominent in addressing this challenge. However, this is still not enough. Cybersecurity teams must assume that attackers will breach their defenses. It is therefore crucial to have technology, such as Network Detection and Response (NDR), to continuously monitor all network activity in real time.
Artificial intelligence (AI) is rapidly transforming the cybersecurity landscape. Both attackers and defenders are utilizing its capabilities. Cybercriminals are using AI to automate attacks, develop more complex malware and avoid detection. However, AI also provides tools for cybersecurity defenders, helping them detect threats in real time, better diagnose incidents and automate responses to issues more rapidly.
Ransomware will continue to be a significant threat to organizations of all sizes in 2024. Cybercriminal ransomware-as-a-service resources that are widely available for anyone to use have lowered the bar for entry for people looking to profit from this type of attack.
Interestingly, in 2022, moves to prevent US-based organizations from paying attackers led to a decrease in ransomware attacks against US targets. However, 2022 still had the second-largest number of attacks, and the number in the year’s final quarter was the highest since Q3 of 2021. Data from 2023 suggests that ransomware attack numbers will be similar to the previous year and certainly shows that ransomware remains a significant threat.
Individual ransomware attacks are also increasing in sophistication. During 2024, this trend will prompt organizations to strengthen their efforts and adopt more resilient cybersecurity strategies to help mitigate the impact if company defenses are breached.
Ransomware is a type of malware. Other examples of malware include:
Upstream and downstream business partners in the supply chain can be a source of cyberattacks. This means that threats originating via linked IT systems—or even emails—need to be quantified and mitigated.
It has been reported that people are the weakest link in the security chain. This statement is not to disparage people—we all make mistakes, and this fact needs to be incorporated into cybersecurity planning. Sophisticated social engineering attacks, like phishing emails, are still a successful source for gathering data for future attacks.
These attacks are becoming more sophisticated as criminals are using large language models (LLMs) like ChatGPT to compose more believable emails, dummy websites and other collateral to trick people into clicking malicious links or divulging data that they shouldn’t. Business email compromise (BEC) and targeted spear-phishing attacks will continue to be common in 2024 and beyond, as attackers target prominent individuals and their associates within organizations. We can also expect bad actors to use AI deepfake video and audio portrayals of real people to trick staff as part of phishing attacks.
Crypto scams are types of social engineering-based attacks. In crypto scams, attackers send an innocuous message to a mobile phone or messaging service to lure the recipient into a conversation. For example, “Are you still free for lunch on Monday?” Then they try to build a rapport with the recipient before asking them if they want to make some cash via crypto and luring them to a scam website that steals their money. Through the scam site, these attacks open the victim’s organization to other social engineering threats or malware.
Internet of Things (IoT) sensors and devices are expanding almost exponentially in the built environment and manufacturing. Some of these IoT devices have notoriously poor security. We’ve all heard of cases where a series of devices were shipped with the same admin account and password, one that often doesn’t get changed during deployment.
This expansion of IoT devices increases the attack surface, which introduces easily exploitable vulnerabilities. If the IoT devices have access to other network systems, this can open a back door for anyone who knows the default account settings.
Insider risks from disgruntled employees or staff paid off by attackers are still significant. Why spend time looking for vulnerabilities, when you can bribe an employee to take a malware-infected USB drive and plug it into a PC on the network? Protective measures like 24x7 NDR and zero-trust best practices to prevent malicious code spreading between systems are core to helping guard against this and other attack methods.
Delivering 100% cybersecurity protection that prevents attackers from breaching defenses is impossible. You must work hard to mitigate risks when they occur, but you also should plan for when the attackers get a foothold in your network. At that time, you need 24x7 NDR to help you spot anomalies so you can quarantine the suspicious systems. In the event the attack comes from cybercriminals, you can help resolve the attack more effectively.
Progress Flowmon has the NDR and other tools to help you quickly spot and deal with attacks. Visit the Flowmon product overview pages to read more, reach out to us to discuss your needs or get a free trial to see how our solution can start protecting your networks within a day.
View all posts from Filip Cerny on the Progress blog.