
Minding the Cybersecurity Gap: Cyber Trends and Threats to Watch Out for in 2024


By Mahipal Nair

In the dynamic landscape of cybersecurity, Charles Darwin’s theory holds true: survival favors those who are most adaptable to change. At a time when technology is evolving fast, organizations and security teams need to stay a step ahead of those trying to breach their defenses.

The past year shook up the cybersecurity landscape as hackers and nation-states evolved to outsmart security teams. Ransomware continues to be a challenge for organizations globally, exacerbated by the rise of generative AI tools like ChatGPT and the adoption of artificial intelligence.

As we approach 2024, security teams need to look ahead and prepare for upcoming challenges, taking proactive steps to keep their operations safe. The Trellix Advanced Research Center recently shared insights into key trends, tactics, and threats that we should be aware of as we head into 2024.

The Looming Shadow of Artificial Intelligence

As per a recent Gartner report, more than 80% of enterprises will have used Generative AI APIs or deployed Generative AI-enabled applications by 2026. While this spells immense potential for innovation and efficiency, the technology's growing accessibility on the dark web empowers unskilled threat actors to execute sophisticated attacks at scale. The dark web’s transformation into a breeding ground for unrestricted generative AI poses significant risks. Hackers can exploit large language models (LLMs) like GPT-4, Claude, and PaLM2 to carry out these attacks.

Moreover, the rise of AI-generated voice scams presents a growing threat, as advancements in voice quality make it increasingly challenging to distinguish between real and fake voices. The accessibility and affordability of AI voice tools will empower scammers, enabling them to automate and amplify fraudulent activities at an unprecedented scale.

Ransomware: A Persistent Plague

Ransomware groups, driven primarily by financial gain, are constantly looking for new ways to extort their victims and pressure them into paying the ransom. One such tactic is to contact the clients of their victims, which puts additional pressure on them to pay up. This allows hackers not only to demand a ransom for the data stolen from the direct victim, but also to create panic among the victim’s clients who may be impacted by the breach. This is not a new tactic, as ransomware groups have been leveraging the media to put public pressure on their victims in recent times.

According to our recent Cyber Threat Report, India accounted for the vast majority (77%) of ransomware detections in Q2 and Q3 in 2023. It is expected that ransomware groups will increasingly target entities that handle not only sensitive personal information, but intimate details that can be used to extort clients. Industries such as healthcare, social media, education, and SaaS are likely to come under further fire from these groups in 2024.

Emerging Threats and Attack Methods

In recent times, concern about insider threats has been rising, with individuals having unauthorized access to crucial organizational assets posing a significant risk. Our recent industry analysis indicates a 47% increase in insider threats over the last two years, resulting in a total loss of $15.38 million for incident containment. These threats compromise the organization’s integrity and confidentiality while assisting adversaries in sabotaging operations and collecting information. Insider threats will only increase with the continued proliferation of connected devices and the persistence of remote and hybrid workforces.

QR code-based phishing campaigns are also on the rise, as hackers exploit vulnerabilities. Hackers find QR codes appealing since they are trusted after becoming essential during the pandemic. QR codes are also simple to make and share, which helps fraudsters target victims more effectively. Traditional email security products often fail to detect these attacks, making them an attractive option for cybercriminals. To counter the growing threat, users must be cautious when scanning codes, especially from unknown or suspicious sources.

What Steps Should Enterprises Take to Tackle This?

Trellix’s recent initiative, “Mind of the CISO: Behind the Breach,” highlights the need for collaborative efforts. CISOs worldwide have emphasized the necessity for technological enhancements, with 97% expressing the need for improvements in both people and processes following a significant cyber incident. In this ongoing war against cybercriminals, the adoption of Extended Detection and Response (XDR) emerges as a linchpin, a strategic move endorsed by 94% of CISOs as indispensable in preventing major cybersecurity events.

In summary, the landscape of cybersecurity threats in 2024 necessitates a robust and comprehensive approach. Embracing XDR as a strong ally can help organizations unify their defense mechanisms across multiple platforms, enabling quicker threat detection and response. Collaboration, innovation, and a commitment to staying ahead of the curve will be key in safeguarding our critical systems and data from a diverse array of emerging risks. By leveraging XDR technology alongside adaptive strategies, enterprises can fortify their resilience and readiness, ensuring a more secure digital environment for all.


(The author is Mahipal Nair, Managing Director, Trellix India & Vice President/Head of Human Resources APJ, and the views expressed in this article are his own)