The Top Five Cyber Threats of 2024
As we progress through 2024, the cyber threat landscape continues to evolve rapidly, presenting new challenges for organisations and individuals alike. In this edition, we shift our focus from past incidents to the present and future threats that pose the greatest risks.
Understanding these threats is crucial for developing effective strategies to safeguard against them. Cybercrime is expected to become the world’s third-largest economy by 2025, estimated to cost $10.5 trillion in damages globally, according to Cybercrime Magazine.
This month, we highlight the top five most dangerous cyber threats of 2024, exploring their nature, potential impacts, and the steps you can take to protect yourself and your organisation. Join us as we explore these pressing cyber threats and provide insights into enhancing your cyber resilience.
Offensive AI as a Threat Multiplier
At the RSA Conference 2024, cyber security experts identified offensive AI as a significant threat multiplier, presenting it as one of the top five cyber threats for the year. Stephen Sims highlighted how malicious actors leverage AI and automation to rapidly identify vulnerabilities, automate the generation of exploits, and launch sophisticated attack campaigns.
This offensive AI capability accelerates the discovery and exploitation of vulnerabilities, posing a formidable challenge for defenders. Sims emphasised the urgent need for defensive strategies capable of countering the speed, automation, and intelligence wielded by attackers, underscoring the importance of innovative defensive measures to mitigate this evolving threat landscape in 2024.
AI-Driven Social Engineering Threats
Social engineering has long been a prominent cyber threat, relying on psychological manipulation to deceive victims. Attackers exploit human traits such as trust, fear, and curiosity to gain access to critical systems or sensitive information. Traditional social engineering methods include phishing, baiting, pretexting, and tailgating.
The increasing digital transformation and real-time information sharing have made individuals more susceptible to these attacks. In 2022 alone, there were 493 million ransomware attacks, and 19% of all data breaches were due to stolen or compromised login credentials.
AI has significantly amplified social engineering tactics, enabling attackers to develop more complex and convincing attacks tailored to targeted individuals. AI-driven social engineering can include:
- Hyper-personalised phishing
- AI-generated natural language content
- Emotional manipulation
- Detection evasion
- Automated reconnaissance
These advancements allow attackers to craft tailored, context-aware campaigns quickly and efficiently, making traditional defences less effective. Businesses must now contend with AI-generated deepfakes, persuasive phishing emails, and sophisticated data manipulation, requiring a proactive and adaptive approach to cybersecurity.
Multi-factor authentication, employee training, phishing simulations, and AI-based defence mechanisms are essential to counter these advanced threats.
Ransomware Remains a Prevalent Threat in 2024
Despite significant global law enforcement efforts, ransomware activity has continued to surge in 2024. According to the Sophos 2024 Ransomware Report, global ransomware attacks in 2023 set a record high, surpassing the previous year by nearly 70%. In the first quarter of 2024 alone, 1,075 ransomware victims were posted on leak sites. Major ransomware groups like LockBit and ALPHV/BlackCat were responsible for 30% of the activity.
The report also highlights the financial impact of these attacks, with average ransom payments increasing by 500% in the last year. A staggering 63% of ransom demands were for $1 million or more, and 30% exceeded $5 million, indicating that ransomware operators are targeting larger payoffs.
Overall, these reports indicate that ransomware isn’t slowing down in 2024 and remains one of the largest threats to organisations. Few organisations have the right tools, people, and processes in-house to manage their security program around-the-clock while proactively defending against new and emerging threats.
Sophos MDR is a 24/7 solution that provides an elite team of threat hunters and response experts to take targeted actions on your behalf to neutralise even the most sophisticated threats.
Supply Chain Risk: A Growing Concern
Supply chain risk continues to be a significant threat in 2024, as we’ve already seen from major incidents this year involving MoD and MITRE, which we covered in our blog outlining the top five cyber incidents of 2024 so far. Despite increased awareness, many businesses still struggle with effectively managing these risks. According to the UK Government’s Cyber Security Breaches Survey 2024, 31% of businesses and 26% of charities conducted cyber security risk assessments in the past year. Larger organisations are more proactive, with 63% of medium businesses and 72% of large businesses conducting these assessments.
However, only 11% of businesses review the cyber risks posed by their immediate suppliers, a figure that rises to 28% for medium businesses and 48% for large businesses. This limited oversight is concerning given the complex and interconnected nature of modern supply chains. The qualitative data indicates that while awareness of supply chain cybersecurity risks is growing, smaller organisations often lack the formal procedures necessary to manage these risks effectively.
10 Steps to Cyber Security
Supply Chain Security
Paul Crumpton, Partner Services Manager at IASME joins the 10 Steps to Cyber Security Video Series to deep dive into Supply Chain Security.
This episode covers:
- What is Supply Chain Security and why is it so important?
- Understanding and securing your supply chain
- Practical advice and implementation tips
Cloud Vulnerabilities: The Invisible Threat
As organisations continue to migrate their operations to the cloud, vulnerabilities within cloud environments have become a critical concern in 2024. The flexibility and scalability of cloud services come with a unique set of security challenges that can be exploited by well-versed threat actors.
A significant factor contributing to cloud vulnerabilities is misconfiguration. According to reports as far back as 2019, misconfigured cloud settings were responsible for nearly 70% of all cloud security incidents, and according to IBM’s Cost of a Data Breach Report, 45% of reported breaches were cloud-based. These misconfigurations can lead to unauthorised access, data leaks, and compliance issues. Additionally, the shared responsibility model of cloud security often leads to confusion about where the provider’s security obligations end and the client’s responsibilities begin, leaving gaps that can be exploited. The NCSC has published free guidance on cloud security and shared responsibility models.
The rise in cloud-based attacks has also been driven by increasingly sophisticated threat actors targeting cloud infrastructure. For instance, breaches involving high-profile cloud services, such as the recent Microsoft Azure incident, have shown that attackers are leveraging advanced techniques and exploiting zero-day vulnerabilities to bypass security controls, escalate privileges, and access sensitive data. These incidents highlight the importance of robust security practices, including regular audits, comprehensive monitoring, and strict access controls.
To mitigate cloud vulnerabilities, organisations should focus on improving their cloud security posture. This means continuous monitoring to identify vulnerabilities or misconfigurations that expose their cloud infrastructure’s attack surface, employee training, robust policies for access, user groups and data handling, and adherence to best practices for cloud configuration and management. The Center for Internet Security (CIS) has published the CIS Benchmarks, a series of prescriptive recommendations for configuring over 25 cloud and network vendor product families including AWS, Azure and Google Cloud Platform (GCP).
By addressing these vulnerabilities proactively and implementing industry best practices and benchmarks, businesses can better protect their data and maintain trust with their customers.
What can we learn from these threats?
The top five cyber threats of 2024 so far serve as a stark reminder of the evolving threat landscape. By understanding the risk and implementing a layered and strategic approach to cyber security, organisations can better protect their people, data, and customers.