With the surge in Cybercrime-as-a-Service (CaaS) and the influence of generative AI, threat actors have unprecedented tools for sophisticated attacks. The 2024 threat predictions report by FortiGuard Labs delves into the new era of advanced cybercrime, examining AI’s impact, highlighting emerging threat trends, and providing guidance for organizations to enhance their resilience in an evolving threat landscape.
Evolution of Old Favorites:
Old favorites in attack tactics are evolving, with Advanced Persistent Threat (APT) groups expected to increase and cybercrime groups diversifying targets, focusing on more disruptive attacks, denial of service, and extortion. Cybercrime “turf wars” persist, with multiple groups targeting the same victims and deploying ransomware variants within hours. Generative AI is further enhancing attacks, enabling cybercriminals to use AI for social engineering evasion and human behavior mimicry.
Fresh Threat Trends for 2024 and Beyond:
1. Big Playbook Energy: Ransomware attacks will adopt a “go big or go home” approach, targeting critical industries like healthcare, finance, transportation, and utilities for more substantial impact and rewards. Attackers will expand playbooks, making attacks more personal, aggressive, and destructive.
2. New Day for Zero Days: The increasing use of platforms, applications, and technologies creates opportunities for cybercriminals to exploit software vulnerabilities. Expect the emergence of zero-day brokers in the Cybercrime-as-a-Service (CaaS) community, selling zero-days on the dark web to multiple buyers, posing significant risks.
3. Playing the Inside Game: Enhanced external security controls prompt attackers to focus on recruiting insiders for initial access. Tactics, reconnaissance, and weaponization will shift left, with attackers leveraging inside knowledge for more effective infiltrations.
4. “We the People” Attacks: Cybercriminals will exploit geopolitical events and opportunities like elections and major games, utilizing generative AI for support. The focus will be on event-driven attacks with AI-enabled tactics.
5. Narrowing TTP Playing Field: Attackers will diversify tactics, techniques, and procedures (TTPs), but defenders can disrupt activities by closely examining regular TTPs and identifying potential choke points.
6. More 5G Attacks: With an increasing array of connected technologies, cybercriminals will exploit 5G vulnerabilities to disrupt critical industries such as oil and gas, transportation, public safety, finance, and healthcare.
Navigating a New Era of Cybercrime:
Collaboration, incident reporting, cyber resilience, skill gap solutions, and threat sharing are vital to anticipate and thwart cybercrime activities.