Small and medium-sized enterprises (SMEs) find themselves on the front lines of this ever-changing battlefield, with adversaries continuously innovating new techniques to breach defenses.
Our Chief Security Officer, Adam Mansour, shares six predictions for 2024 that underline the sophistication of cyber threats and emphasize the need for organizations to adapt and strengthen their security posture.
Prediction 1: Attacks Bypassing Multi-Factor Authentication (MFA)
In 2024, we anticipate a continuation of attacks that bypass MFA by exploiting weaknesses in cloud and SaaS security. These attacks employ various methods, including Pass-the-Cookie attacks, MFA fatigue, SIM swapping, and social engineering token resets.
Pass-the-Cookie attacks occur when session cookies are stolen through phishing or malware, providing the attackers a VIP – but unauthorized – backstage pass to web applications
MFA fatigue overwhelms users with repeated MFA prompts taking advantage of their tendency to accept prompts – think just clicking ‘OK’ to quickly move on to the next task – without careful consideration.
SIM swapping involves tricking mobile carriers into transferring a victim's phone number, granting access to sensitive accounts.
Social engineering token resets prey on human psychology by creating a sense of urgency or posing as trusted sources to manipulate users into compromising security.
To counteract these threats, here's what businesses can do:
- Implement Conditional Access: Regulate device connections to ensure only trusted devices can access critical resources.
- Employ Managed Detection and Response (MDR): Implement MDR on both endpoints and back-end systems to detect and prevent cookie-stealing attacks and other sophisticated threats.
- Educate Employees: Train employees on recognizing and resisting social engineering attempts, reducing the likelihood of falling victim to phishing and MFA fatigue attacks.
Prediction 2: Rise of AI-Powered Attacks
AI-powered attacks are anticipated to become more prevalent, leveraging artificial intelligence to create sophisticated phishing emails, undetectable malware, and personalized social engineering attacks. Attackers can exploit AI systems if not properly designed, leading to security vulnerabilities and misuse for various crimes, including fraud, identity theft, and cyber espionage.
Examples of AI-powered attacks include personalized phishing emails, evasive malware, and AI-enabled social engineering attacks.
But remember, AI is a two-way street. While attackers may use it for nefarious purposes, organizations will need to fight AI with AI.
To counteract these threats, organizations should consider the following:
- Enhance AI Defenses: Implement advanced AI-driven security solutions to effectively detect and counteract AI-powered attacks.
- Regularly Update Security Measures: Stay vigilant and update security measures to adapt to evolving AI-driven threats.
- Conduct Employee Training: Educate employees on recognizing AI-enabled attacks and emphasize the importance of remaining cautious in the face of sophisticated threats.
Prediction 3: Surge in Mobile OS Attacks in Ransomware
It's no news that our mobile devices are becoming increasingly intertwined with our lives. However, this popularity makes them tantalizing targets for cybercriminals. Cybercriminals employ tactics such as phishing, smishing, malicious apps, man-in-the-middle attacks, and exploiting unpatched software vulnerabilities to compromise these devices.
To mitigate the risk of mobile OS attacks, businesses should do the following:
- Implement Robust Security Measures: Enhance mobile device security by using robust security measures, including adding mobile threat detection (MTD), encryption, secure configurations, and regular updates.
- Educate Users: Conduct regular training sessions to educate employees about phishing threats and safe mobile device practices.
- Monitor App Installations: Regularly monitor and control app installations, ensuring only legitimate and secure applications are used within the organization.
Prediction 4: Escalation of Supply Chain Attacks
Supply chain attacks, particularly those leveraging off-the-shelf (OTS) software, are expected to rise. Attackers find OTS software appealing due to its ease of use, cost-effectiveness, evasion capabilities, and wide attack surface. Notable examples from 2023 include attacks on 3CX, MOVEit, Log4Shell, and Okta.
To fortify against supply chain attacks, organizations should conduct thorough risk assessments, monitor and update software regularly, and establish a secure software development lifecycle.
Here's what businesses should do:
- Conduct Thorough Risk Assessments: Evaluate the risk associated with using third-party software and conduct regular assessments.
- Monitor and Update Software: Keep software up to date and regularly monitor for vulnerabilities, applying patches promptly.
- Establish Secure Software Development Lifecycle: Implement secure software development practices to ensure the integrity of the supply chain.
Prediction 5: Decrease in Ransomware Encryption Attacks
While the overall number of ransomware attacks is decreasing, organizations should remain vigilant as attackers evolve their tactics. Contributing factors to the decline include increased law enforcement effectiveness, enhanced organizational security measures, and a growing reluctance to pay ransoms.
Despite the decrease, ransomware remains a serious threat, and we have some suggestions on what organizations should do:
- Implement Ongoing Security Measures: Continue implementing and updating security measures to protect against evolving ransomware threats.
- Provide Employee Training: Regularly train employees on recognizing and responding to ransomware threats, emphasizing the importance of cybersecurity hygiene.
- Continuously Improve Incident Response Plans: Review and update incident response plans to ensure their effectiveness in mitigating ransomware attacks.
Prediction 6: Rise in IT Liability
On October 30, 2023, where SolarWinds CISO Timothy G. Brown was charged for fraud and internal control failures by the U.S. SEC in connection with a cyberattack, represents a significant development. This case highlights the potential increase in IT liability, urging organizations to adopt more transparent and objective ways of describing their security practices.
To mitigate IT liability, organizations should consider the following:
- Outsource Security: Consider outsourcing cybersecurity to dedicated firms with robust security practices and continuous monitoring.
- Emphasize Transparency: Encourage transparency in communication, both internally and externally, regarding the organization's cybersecurity practices.
- Explore Cybersecurity Insurance: Investigate and invest in cybersecurity insurance products to mitigate potential liabilities associated with cyber threats.
As organizations navigate the complex and ever-changing landscape of cybersecurity threats, staying ahead of adversaries requires a proactive and adaptive approach. Implementing robust security measures, adopting advanced technologies, and embracing transparency will be key in safeguarding against the predicted cyber threats of 2024