Cybersecurity in 2024: Towards more refined tactics
IN 2024, the development of AI will have a positive impact on the efficiency of IT security teams by enabling them to strengthen defences
As we welcome the arrival of 2024, reflecting on the lessons from 2023 and the evolving threat landscape, it becomes crucial to discern the persistent trends that shaped the previous year.
The tenacity of cybercriminal tactics, notably the prevalence of ransomware, exploitation of vulnerabilities, credential theft, and supply chain attacks, marked 2023. What unifies these diverse attacks is their remarkable effectiveness?
In light of this, it is imperative to contemplate the potential continuance of these trends into 2024 and formulate strategic approaches for businesses to effectively counteract emerging cyber threats.
Between persistent trends and evolving cybercrime tactics
In 2024, the threat landscape is not expected to change radically, particularly with regard to attack typologies and criminal tactics and procedures.
Criminal groups still primarily focus their attention on financial gains and ransomware remains their weapon of choice.
These cybercriminals tend to take the easy way out by opportunistically attacking unpatched security vulnerabilities.
However, once patches are applied to these vulnerabilities, cyber attackers tend to revert to more common strategies of stealing credentials or, failing that, cookies or session cookies, which, while slightly slower, constitute always a proven means that allows them to penetrate within a system.
In 2024, however, we should expect increased sophistication in defence evasion tactics, particularly due to the generalisation of certain technologies such as multi-factor authentication.
These attacks will combine malicious proxy servers, social engineering techniques and repeated authentication request attacks or “fatigue attacks”.
AI and regulations will continue to shape cybersecurity
In 2024, the development of AI will have a positive impact on the efficiency of IT teams and security teams by enabling them to strengthen defences and work more efficiently, including through the processing of vast volumes of data in the aim of detecting anomalies. It should make it possible to respond more quickly in the event of an incident.
Indeed, analysis of attacks in 2023 showed a shortening of the time between network penetration and the triggering of a final attack – using malware or ransomware. The need for rapid detection and response tools to prevent costly incidents is therefore essential.
Regulatory developments could have a major influence on measures taken against ransomware.
The need to take more substantial measures could push some states to penalise the payment of ransoms, which would represent a brake on malicious actors and change the perspective of companies in the event of an attack.
Stricter legislation may also force companies to take additional measures, particularly regarding their abilities to collect data sets.
To protect themselves against increasingly rapid, effective and costly attacks, companies will need to strengthen their defences by equipping themselves with tools that allow them to detect and respond to incidents more quickly.
The worsening cybersecurity talent shortage does not appear to be as serious as some studies claim. On the contrary, companies have implemented more lax hiring criteria and more open-mindedness in the recruitment process.
From this perspective, to guarantee their survival in a constantly evolving threat landscape, companies have every interest in establishing partnerships with cybersecurity experts whose main mission is to make the hyper connected world safer, to advise and assist them in setting up effective defences. – cioAfrica
CTO,