Top Cybersecurity Threats to Prepare for Before 2024

Is Cyber 2024 the Stuff of Movies?

We often think of modern cybersecurity as a movie scene with hooded hackers in the dark contending with cyber experts facing flashing screens. This heroic battle with security experts at its frontline trying to outsmart their adversaries by leveraging advanced technology is indeed playing out against hostile nation-states and criminal cyber masterminds every day. But in reality, security threats aren’t always as glamorous and flashy as our imaginations like to visualize. 

Warring nations have their part in cyber-warfare, especially in the shadow of the war in Ukraine. However, going into 2023, it is increasingly likely that “your average Joe’s” business, facility, and agency will find themselves a target of a non-sensational but devastating cyber attack.

Home-Grown Attacks

Cyber threats are frequently “home-grown.” One human error, a procrastinated software patch, or an overlooked cloud misconfiguration can create a whopping security vulnerability that delivers sensitive data right into the hands of unauthorized criminals. Hyper-connected computers and digital technology are embedded in every facet of our lives, and serious threats are more likely to emerge due to an erroneous click than to be the direct result of geopolitical wars. 

The proliferation of the internet of things (IoT), the recent cloud migration and related security breaches, and strained relationships and supply chain disruptions as a byproduct of the Russia-Ukraine war have changed the face of the digital world. When you put the picture together, it’s clear that cybersecurity threats and vulnerability management will be a top priority as we enter the new year.

When understanding the toughest cyber threat trends we face, the points of connection between the risks and the complete picture they create are more important than understanding each risk on its own. As the Office of the Director of National Intelligence pointed out at the unveiling of the US Annual Threat Assessment earlier this year, these security challenges “will intersect and interact in unpredictable ways, leading to mutually reinforcing effects that could challenge our ability to respond.”

Absent a crystal ball, let’s analyze what threats security experts on the front lines are anticipating in the year to come.

Up and Coming Threats for 2024

Internet of Things (IoT) 

Security vulnerabilities plague IoT devices that dominate the market. The more devices we connect to our network, the more potential entries and exits attackers can use to get in and out. A McKinsey Global Institute report predicts that by 2025 there will be more than 30 billion IoT connections. That rounds out to a staggering average of 4 IoT devices per person on the globe. According to the same McKinsey report, 127 new devices connect to the internet every second!

At this rate, IoT devices will continue to significantly expand network attack surfaces, especially when you consider that, in contrast to computers and mobile devices, most IoT devices have less processing power and storage space. Because of this, using firewalls, anti-virus software, and other security tools that could help safeguard them is challenging. In addition, IoT devices are a prime target for skilled threat actors because they leverage edge computing to intelligently aggregate data. 

In light of all this, by the beginning of 2023, the White House National Security Council in the US expects to have standardized security labeling for suppliers of consumer IoT devices. This labeling system for IoT devices, set to be rolled out this year, will assist consumers by providing information about the potential risks associated with the equipment they are thinking of installing in their homes or offices. In the UK as well, the Product Security and Telecommunications Infrastructure (PSTI) bill is expected to be released this calendar year.

Upping the Game: Nation-States Targeting Critical Infrastructure

All arrows seem to point in the direction of an increase in threats from foreign nation-state actors targeting critical infrastructure. This includes industries like gas lines, water systems, and energy plants. Fueled by geopolitical events like the Russia/Ukraine war, as well as China and Iran, malicious actors are aiming for greater, more substantial impact, and the thrill of knocking a major asset offline is enticing.

Businesses and agencies in the sector of critical infrastructure, or even indirectly related to it, should prepare themselves for the year ahead. 

US Annual Threat Assessment

The U.S. Intelligence Community unveiled its new Annual Threat Assessment earlier this year, identifying the top cyber threats to national security and the predominant nation-state actors. They are China, Russia, Iran, and North Korea. 

China

The report describes China as a leader in cyber espionage against the US and as having the capability to disrupt the US’s critical infrastructure. It warns that “China almost certainly is capable of launching cyber attacks that would disrupt critical infrastructure services within the United States, including against oil and gas pipelines and rail systems.” In general, China’s approach to cyber sovereignty involves draining the energy and resources of its adversaries.

Iran

The report describes Iran as “opportunistic”, explaining that it is willing to take on countries that have stronger cyber defenses than its own to prove its prowess. Based on Iran’s past successful targeting of critical infrastructure, the report concludes that this reflects Iran’s “growing willingness to take risks when it believes retaliation is justified.”

Russia

At a press briefing in March, Deputy National Security Advisor Anne Neuberger explained that Moscow “is exploring options for potential cyberattacks on critical infrastructure in the United States” and underscored the importance of vigilance and upping defenses across all industries. Notably, most experts agree that Western countries are in a strategically good place regarding a major cyber attack sourced in Russia. The Kremlin would lose more than it gains by damaging major Western infrastructure and fanning the flames of war against itself.

Governments will likely continue to tighten restrictions to enhance security for critical infrastructure. After the attack on the Colonial Pipeline and Biden’s 100-day sprint program, the US took the lead in enacting relevant laws. Other countries are now following suit and putting their policies and regulations for critical infrastructure and healthcare environments into practice. Examples of such countries include Australia, the UK, Germany, and Japan.

Election Deflection

To add more drama to foreign intervention in government agencies and critical infrastructure, 2023 will be a year in which over 50 countries are due to hold national elections. Elections are frequently a target for attack by hostile foreign interests. Hacking attacks will probably take the form of disinformation campaigns on social media to skew the election result to the benefit of an adversary group. Misinformation and disinformation are pressing problems that have mingled with traditional cybersecurity to evolve into a form of social engineering that rears its head around election season. Cybersecurity teams will play an important role in stopping the spread of these harmful influences.

Ransomware

Ransomware is an old but very potent threat. Although high-profile ransomware attacks make their way to news headlines, ransomware does not discriminate between business sizes. Research shows that victims of ransomware are rather evenly distributed across all industries. SMBs, healthcare organizations, and educational institutions are often easy targets because they lack heavy cyber resources and an extensive security budget.

Researchers predict that extortion actors are likely to continue to choose ransomware payloads over classic extortion in 2023.

What’s the difference between extortion and ransomware?

  • Extortion focuses on stealing data and demanding ransom
  • Ransomware locks down critical business systems and then extorts the data

Ransomware actors have grown bolder and more sophisticated in their attacks on OT and IT environments. Critical infrastructure sectors, including manufacturing, finance, energy, and agriculture, are now regular targets of ransomware groups. Hackers are using increasingly aggressive tactics to achieve lateral movement across a network, and they often deploy double and triple extortion threats.

There are ways to mitigate the impact of ransomware. First of all, software vulnerabilities need to be patched and continuously updated. Unfortunately, a lot of businesses and organizations drag their feet when it comes to applying fixes that can stop ransomware intrusions.

Supply Chain Attacks

Supply chains are likely to become a hive for targeted ransomware and hostile espionage operations. Our interdependence on global supply chains for digital components and third-party services makes supply chain risk and security so imperative.

Organizations now require a holistic approach with real-time monitoring of third-party risks and scrutiny of software and hardware components. Experts hope to see increased requirements and policies regarding Software Bills of Materials (SBOMs) to aid in identifying risk indicators like the geographical origin of the underlying components and providing visibility to interconnected dependencies.

On a similar note, identity and access management (IAM) and Zero Trust architecture will be further adapted to control third-party access to systems and data and mitigate the risks of a compromised supply chain. 

In 2023, we expect to see increased regulatory scrutiny of the global supply chain. The Cyber Resiliency Act is already in effect in Europe and an upgrade to the NIST framework is being proposed in the UK to put more of the risk burden on the suppliers. 

Due to the growing risk of regulatory fines and the complexity of cyber insurance, businesses will be under increased pressure from both customers and authorities to offer security solutions that are secure at their roots. Technology and SaaS platforms will continue to develop in response to consumer demands and mandated requirements.

Trends We’ll Likely See

  • Platform consolidation to reduce siloed redundancies 
  • Securing remote devices as organizations make decisions about in-office requirements
  • Increased security for cloud services
  • Managing and securing data on IoT devices
  • Increased visibility and control of the supply chain 
  • Leveraging machine learning algorithms and artificial intelligence to examine data far more effectively than humans ever could
  • New regulations to improve the standard of cyber security and consumer privacy
  • Zero trust architecture will be further used in a “verify everything” culture

Preparing for 2024

Thinking ahead can better equip you to face the risks that threaten us. The predictions we described in this article demonstrate the enmeshed character of the current cyber threat landscape and the need for collaboration across disciplines to effectively achieve resilience.

Security in the face of modern threats has a trickle-down effect, starting from federal or even global initiatives, to business leaders and local governments. Today, it’s no longer effective to write off cybersecurity as an issue for the IT or security department, and strong cyber governance models are expected to become more commonplace. Developing a sound understanding of the dynamic threat landscape and building strong defenses will be fundamental to business decisions in 2023. 

If you’re ready to have a real conversation about implementing security frameworks and risk assessments for your business, you may schedule a consultation now.
