Bridewell has outlined the key cyber security developments and trends set to shape the next 12 months. Its report, ‘Cyber Security: What to Expect in 2024’, is informed by insights collected through continuous monitoring from its 24/7 Security Operations Centre (SOC) and input from its consultants and cyber experts.
Key challenges on the horizon for next year include:
The rise of polymorphic malware, enabled by AI
AI threats are real and all around us, says the report. AI will lower the barrier to entry for criminals but also help with detection in a way no human can, democratising security. AI will enable more sophisticated attack methods such as polymorphic malware, which mutates with every infection, making detection a difficult task. The arms race around AI will become a distinct feature of the next 12 months, as organizations and criminals compete to take advantage of the technology.
2024 will see RaaS level up the cyber world
The growth of Ransomware-as-a-Service (RaaS) will catapult large-scale criminal gangs to enterprise status and level up the lower-skilled crime groups. Ransomware operators with the skills to write software for use by affiliate groups have identified a gap in the criminal market. This is accelerating the professionalisation of cybercrime. Large-scale ransomware groups will achieve the size and habits of major enterprises, adopting departmental specialisms such as R&D and offering defined career structures. The only thing they won’t do in 2024, is pay taxes.
Cyber strikes to the supply chain
Supply chain attacks, a constant source of alarm for several years, will continue to pose serious problems in 2024. The reason is not just that criminals have become very expert in moving through suppliers’ systems to their ultimate target. Supply chains are, and will continue to be, very difficult to secure end-to-end. As concerns mount, more companies will turn to specialists to conduct assessments of supply chain partners to judge where and how each supplier poses a risk.
An explosion of threats against energy companies
The energy sector faces heightened risk because it is a bargaining chip for cyber criminals focused on politically-motivated attacks. It is effectively a weapon of war and an area of major governmental concern, given its critical role in all economies and the sensitivity to price rises among consumers. The International Energy Agency has warned that energy systems are at ‘unprecedented threat’ from cyber attacks, particularly in the renewables segment of the market. Green energy technologies will become hotspots for cyber threats, so the sector must brace for a turbulent year.