Barracuda has published predictions from its frontline security experts on anticipated cyberthreats for 2024. The predictions offer organizations valuable insights to help them strengthen their defenses over the coming year.
The Barracuda experts reported that 2023 had seen continued evolution and growing sophistication of social engineering, exemplified by the MGM attack orchestrated by Scattered Spider, as well as the continued rise of Business Email Compromise (BEC). Barracuda’s offensive security team noted that BEC attacks were seen almost as often as ransomware attacks. A widespread lack of risk awareness among companies and the absence of robust data- and application- protection were other things that surprised the security pros this year.
As organizations approach 2024, the main concerns appear to be the risk of AI-powered cyberattacks, attackers’ growing ability to bypass multifactor authentication (MFA) and vulnerabilities in supply chains and critical infrastructure. Many companies are grappling with the challenge of a multitude of security solutions for daily security tasks, coupled with uncertainty about the adequacy of legacy solutions in addressing emerging and future challenges.
Over the coming 12 months, Barracuda’s frontline professionals expect to see more cybercriminals focused on developing and implementing AI-powered cyberattacks, more targeted ransomware campaigns, and identity attacks, among other things.
Cybercriminals are expected to leverage the capabilities of machine learning and generative AI to enhance their attacks. This could include the automation of attack processes through advanced AI algorithms, leading to more efficient, scalable, and intricate attacks. Targeted ransomware campaigns are likely to focus on critical infrastructure and high-value targets.
The persistence of threat actors in concentrating efforts on advanced and increasingly convincing account takeover and phishing attacks is highlighted, with attackers leveraging the resulting access for additional malicious activities.
New threats are expected to emerge, driven by technological advancements, geopolitical events, and changes in attacker tactics. These include the potential rise of deepfake and synthetic media attacks.
A notable shift in focus toward small and mid-market businesses is expected, as threat actors capitalize on increased digitization in these sectors and exploit the shortage of cybersecurity professionals.
The overarching themes for 2024 emphasize the continued exploitation of the weakest links within businesses, underscoring the importance for organizations to adopt comprehensive strategies addressing all potential vectors of attack.
Parag Khurana, Country Manager, Barracuda Networks (India) Pvt Ltd, said, “As we turn our gaze towards 2024, we see a future that combines the ongoing success of many current attack tactics, such as identity compromise, with an emerging landscape dominated by AI-powered cyberattacks. The well documented global shortage of cybersecurity professionals means organizations need to look to integrated-end-to-end security solutions, third party security operations centers and ongoing employee security awareness training, to fortify their defenses. As cyber threats continue to evolve and diversify, the importance of proactive measures, collaboration, and advanced security solutions cannot be overstated. Leading security vendors are committed to providing companies with innovations that address the evolving threat landscape.”