2024 is poised to be a hotbed for new challenges in cybersecurity. As both economic and political terrains continue to undergo digitization, enterprises will increasingly leverage artificial intelligence and machine learning (AI/ML), the cloud, and Web3 technologies. While these innovations are expected to lend a hand to organizations, they also provide opportunities for cybercriminals by promising big returns, more streamlined operations on wider impact zones, and more targeted victims.
In their pursuit of catering to their organization’s evolving needs, business leaders are faced with a unique challenge: They must strike a balance between foresight and operational hardiness anchored in technological investments. In this report, we detail the focal points of next year’s threat landscape, along with insights and recommended mitigation measures from Trend Micro’s team of cybersecurity experts that are designed to guide decision-makers toward well-informed choices for the year ahead.
As cloud adoption becomes more critical to business transformation today, enterprises need to look beyond their routine malware and vulnerability scans. In 2024, cloud environments will be a playground for tailor-made worms crafted to exploit cloud technologies and misconfigurations will serve as an easy entry point for attackers.
With just a single successful exploit, particularly through misconfigured APIs in the likes of Kubernetes, Docker, and WeaveScope, attacks with worming capabilities can set off rapid propagation in cloud environments. In short, these worm attacks use interconnectivity — the very benefit for which the cloud was made — against cloud environments.
The expected value of the cloud API market value by 2031
of surveyed Kubernetes clusters experienced attacks from malware campaigns.
Data poisoning will make machine-learning (ML) models an exciting and expansive attack surface for threat actors to explore as these promise a wide variety of high rewards with very few risks. A compromised ML model can open the floodgates to possibly divulging confidential data for extraction, writing malicious instructions, and providing biased content that could lead to user dissatisfaction or potential legal repercussions.
Validating and authenticating training datasets will become increasingly imperative, especially while ML remains an expensive integration for many businesses. Enterprises who take their algorithms off-premises to lower cost will also be more vulnerable since they rely on sourced data from third-party data lakes and federated learning systems. This means that they are completely dependent on datasets stored within cloud storage services guarded by systems outside their own.
of IT leaders consider machine-learning integration a top priority for operations.
The minimum payment required by malicious actors to poison datasets
As technological innovations continue to simplify business operations, the attack surface also branches out for threat actors. An increase in software supply-chain attacks will solidify the need for enterprises to implement application security tools to gain visibility over their continuous integration and continuous delivery (CI/CD) systems.
Cybercriminals can take advantage of providers with weak defenses to gain access to widely used software and find their way into supply chain vendors. Ultimately, however, they will wreak the most havoc for end users. In 2024, vendors need to anticipate that ambitious threat actors will strike at the source — the very code on which IT infrastructures are built — with attacks that will persistently focus on third-party components like libraries, pipelines, and containers.
of global organizations had supply chains hit by ransomware.
Code-injection attacks that disrupt the supply chain:
- Credential harvesting
- Resource hijacking
- Distributed denial-of-service (DDoS) attacks
Spear phishing, harpoon whaling, and virtual kidnapping are just the tip of the iceberg when it comes to AI’s potential role in cybercriminal schemes. We predict that in 2024, voice cloning, already a powerful tool for identity theft and social engineering, will take center stage in targeted scams.
Despite malicious large language model (LLM) WormGPT's shutdown in August 2023, we expect more of its spawn to populate the dark web. In the interim, threat actors will also find other ways to use AI for cybercrime. While legislation to regulate the use of generative AI is yet to be passed, it is paramount that defenders implement zero-trust policies and establish a vigilant mindset for their respective enterprises to avoid falling prey to AI-powered scams.
Private blockchains can expect some targeted heat from threat actors in 2024 as a result of more enterprises turning to them to lower costs. Since private blockchains generally face fewer stress tests and lack the same level of resilience compared to their battle-hardened public counterparts that face off constant attacks, cybercriminals will likely gun for administrative rights to the former.
The increased criminal attention on Web3 technologies will also lay the groundwork in 2024 for the first criminal groups that run entirely on decentralized autonomous organizations (DAOs) and are governed by self-executing smart contracts hosted on blockchain networks. Indeed, a preamble to these threat groups has already been observed in actors who weaponize smart contracts to add layers of complexity to cryptocurrency-related crimes against decentralized finance platforms.
Enterprises making bold bets on ML models, generative AI tools, blockchain networks, and the cloud in the hopes of productivity gains should stay sharp for the unvarnished truths and unexpected pain points that will surely come with these engines of innovation. For defenders to hold the line against the ever-evolving cyberthreats that lie in wait next year, they will need to stay vigilant and practice resilience at every point of the threat life cycle, on top of enforcing a multi-dimensional security strategy grounded on trusted and forward-thinking threat intelligence.
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.