Top cybersecurity trends to watch in 2024

The year ahead presents cybersecurity defenders with a host of new challenges as threat actors continue to evolve their tactics. Zaheer Ebrahim, Solutions Architect at Trend Micro MEA, shares the top insights from Trend Micro’s latest research and the cybersecurity developments that are on his radar for the year.

A statement by Trend Micro said 2023 was a year that saw a great deal of change within the tech industry.

The most notable development was in artificial intelligence (AI), which dominated conversations to the point that “prompt” was dubbed a finalist for the Oxford Word of the Year 2023. The discussions around AI are no less significant in the cybersecurity industry, with 2024 expected to usher in important changes around how organisations will protect themselves and their assets in the future.

AI is of course not the only change organisations need to keep an eye on this year. As enterprises have continued to digitise, the cloud and Web3 technologies have come to the fore as they consistently demonstrate their value to business growth. However, it’s these new solutions that also present new opportunities for cybercriminals.

In Trend Micro’s latest report, Critical Scalability, we’ve found that the transformative potential of these tech breakthroughs will reach their peak in 2024 and present organisations and their cybersecurity teams with new battlefronts.

READ ALSO: Global study reveals African companies still undervalue cybersecurity role

Cloud adoption among organisations in Africa has grown exponentially in recent years. At the same time, this has expanded the attack surface and organisations will need to ensure that as their IT infrastructure has transformed so too have their security parameters.

Trend Micro’s latest research shows that cloud environments will become the playground for tailor-made worms built to exploit cloud technologies. Threat actors do this by using misconfigurations as easy entry points. One study by the Open Worldwide Application Security Project (OWASP) found that misconfigurations ranked among the top API risk for organisations. Worming capabilities have the potential to set off rapid propagation in cloud environments due to the interconnectivity of the cloud.

The ideal approach to any cloud migration journey is to ensure cybersecurity is considered every step of the way. This requires security teams to look beyond the usual malware and vulnerability scans, and to proactively evaluate cloud environments in anticipation of these worm attacks.

Data poisoning cloud-based machine learning (ML) models is an emerging threat but will grow in prominence in 2024. Defenders will have to contend with an expansive attack surface as a weaponised ML model can open the floodgates to sever consequences such as divulging confidential data for extraction, writing malicious instructions, and providing biased content that could lead to user dissatisfaction or potential legal repercussions.

READ ALSO: Trend Micro’s latest cyber threat report spotlights new criminal tactics

AI continues to be a tool that aids the fight against cybercriminals, but it is also one used by bad actors themselves.

In the case of social engineering scams like spear phishing, harpoon whaling, and virtual kidnapping, generative AI has been key in increased success rates for criminals. This, however, is just the tip of the iceberg, with 2024 expected to bring with it more advancements in this kind of attack. Voice cloning has already started to make its way into the toolkits of criminals for identity theft and social engineering.

While the malicious large language model (LLM) WormGPT was shut down in August last year, it’s unlikely we’ll see the last of this type of tool. Cybercriminals often pivot quickly to alternatives and AI researchers have demonstrated that it’s possible to trick generative AI systems into circumventing their own censorship rules.

Widespread legislation has yet to be passed on generative AI, but it is possible to be proactive about protecting your organisation. Implementing zero-trust policies and encouraging employees to have a vigilant mindset will help to protect an organisation against attack.

Supply chains continue to be an attractive target for cybercriminals. In fact, Trend Micro found that more than half (52%) of global organisations had supply chains disrupted by ransomware. Many of the IT leaders surveyed expressed concern about the high risk their company faced due to their network of partners and customers.

Taking proactive steps to protect an organisation’s CI/CD systems can help reduce the risk of an attack. These include implementing application security tools that can quickly recognise suspicious behaviour, deploying these protections across the entire CI/CD pipeline, conducting in-depth research and scans on libraries and containers before use, and monitoring any external dependencies for hidden vulnerabilities.

Private blockchains have become popular among enterprises looking to lower their costs in areas like supply chain management and intra-company accounting. These systems, however, are not put under the same stress tests as their public counterparts and are not as resilient as a result. Cybercriminals running extortion schemes see this as a significant advantage and will seek to exploit this in 2024.

As with all novel technologies like blockchain, it takes time to develop competencies to run and manage the solution internally. Organisations will have to rely on external providers for this function and opt to work closely with their vendors to manage security.