Trends to watch: Cyber risk in 2024
As the cyber threat landscape continues to evolve year over year, it is pivotal to monitor trends and track their impact on the global cyber ecosystem. Attempting to understand why threat actors do what they do helps us begin to uncover how they will behave in the future. In order to maintain cyber resilience against new and emerging threats, this level of attention and understanding is necessary.
Adversaries will continue to leverage large language models (LLMs) to accelerate the time to ransom.
Resilience cybersecurity experts predict that in 2024, adversaries will continue to leverage Large Language Models(LLMs) to accelerate human engineering tactics and time to ransomware attacks. According to a report by NordVPN, there is increased interest by potential criminal actors as the volume of posts regarding ChatGPT in DarkWeb forums has increased 145% from January to February 2023.
LLMs can be leveraged to create more convincing and effective social engineering or phishing attacks. They can also be used to impersonate organizations or individuals and create fictitious engagement on social media platforms. The future of social engineering attacks will require a heightened level of vigilance on a human level. More sophisticated training and stronger email security measures will be required to replace traditional mitigation measures, such as searching for spelling errors or disfigured company logos.
Threat Actors will continue to target third-party vendors to scale their attacks.
Trends we’ve seen throughout 2023 will continue and potentially ramp up as the success of third-party vendor breaches fund cybercriminal activities. Third-party risk poses massive challenges to companies, particularly within the supply chain.
LockBit will remain the dominant ransomware gang for a fourth consecutive year.
LockBit has been the dominant ransomware gang for the last three years, and this will not change in 2024. In 2023, LockBit had more than twice as many victims as the two other top ransomware groups, CL0P and BlackCat, respectively. Their continued high volume of victims makes them the world’s “most active” ransomware group. In 2024, it is more than likely that LockBit will maintain this status. However, as organizations grow more resilient to making ransom payments, LockBit may struggle to remain profitable in the upcoming year. Despite the state of the ransomware economy, reducing LockBit’s success by maintaining security infrastructure against ransomware extortion will be a key focus in 2024.