What to expect from the cyber threat environment in 2024?

2023 was a busy year for cybersecurity in Brazil and around the world. We have seen attacker techniques, invasion strategies at inopportune times, scams through dating apps, and even the use of Artificial Intelligence (AI) to automate and scale up ransomware, phishing, and many other attacks, becoming increasingly sophisticated and difficult to detect.

This evolution of crimes should serve to raise the awareness of end users and national and international companies about the importance of protecting themselves at all times against a wide range of types of cyber threats.

As 2024 comes knocking on the door, people may wonder: What happens now? What will be the cyber security scenario in our country and other countries? Unfortunately, we cannot predict the future. Cybercriminals are developing new tactics, techniques and procedures (TTPs) every day trying to bypass security systems and discovering new ways to commit fraud to achieve their main goal: making money (through theft or extortion).

While it’s impossible to predict exactly how attackers will act from 2024 onwards, Sophos, which I lead in Brazil, has identified some trends that companies, users and IT teams should pay close attention to. This work was led by Field Director and CTO Chester Wisniewski and Sophos X-Ops, the company’s multi-operations team.

The research showed that many threats seen in 2023 will continue next year, especially those related to credential theft and exploitation of unfixed flaws in internet-connected equipment.

Despite the expectation that it will “remain” as it was last year, it is possible that criminals’ actions in 2024 will be more productive. For example, from year to year, we see a number of changes between zero-day vulnerability exploits and the use of stolen credentials to gain access to target networks. According to Wisniewski’s research, when criminals detect new vulnerabilities, they will exploit them and potentially cause major damage.

Another point that needs to be paid attention to is multi-factor authentication. As this method has become widely used as a way to provide greater security, the tendency for cybercriminals is to develop ways to bypass this method.

In this content, As this mechanism becomes increasingly adopted, attackers tend to focus on other forms of actionfor example, hijacking session cookies, leading to the theft of user and organization credentials, thus facilitating access to more sensitive data.

The year 2023 also showed many advances regarding the abuse of supply chains. Via compromised managed service providers (MSPs), file sharing devices, or authentication providers.

As we know, sometimes the easiest way to get into the target network is through the backdoor and then Therefore, we can expect such attacks to increase throughout 2024 as users strengthen their networks and begin to use cybersecurity as a service.

Last but certainly not least, it is possible that some countries may attempt to ban the payment of ransom for incidents involving ransomware. Such attacks can be considered a kind of epidemic in the cybersecurity world.because he usually carries millions in cash.

And as we know, these cases can affect hospitals, schools, banks and many other services considered essential to the public. It is difficult to predict whether a possible ban on ransom payments will be effective, but the trend is that people will demand that some measures be taken to avoid these attacks or mitigate their effects.

Although the cybercrime scenario is quite challenging, all is not lost. There are a variety of solutions that can help protect companies, including managed response services with teams working 24 hours a day, seven days a week, as well as protections for users such as firewalls and endpoint services.

The best way to protect yourself is to always accept that things can happen to anyone. This way we have a better chance of resolving problems before they become more serious.