Ransomware, AI, and social engineering all set to be 2024's biggest security threats

News
By published

Evolving threats and capabilities will increase the risks posed to businesses

A digital padlock on a blue digital background.
(Image credit: Shutterstock / vs148)

Ransomware attacks reached a record high in 2023, and are set to continue to be a threat for some time to come, new research has warned.

In its 2024 Key Forecasts, ZeroFox Intelligence highlighted analysis of live threat intelligence data showing the rise, and warned that as a number of key elections are due in 2024, it expects an uptick in malicious campaigns and scams looking to spread misinformation.

Latest Videos From

An evolving threat landscape

Social engineering is expected to rise as a result of phishing campaigns utilizing new techniques and malicious attachments. Search engine optimization (SEO) will also see increased levels of manipulation by threat actors looking to make their scams appear more legitimate, or use more legitimate domains.

AI will see an increased use by threat actors and the cyber security industry as its abilities evolve. Synthetic media generated by AI will be used to target elections, and spread misinformation, disinformation, and malinformation. However, there is potential for AI to enhance defense capabilities concerning cyber security and the detection of synthetic media.

There is a growing threat that cyber attacks will have increasing physical damages, most likely affecting finance, energy and healthcare. These critical sectors can suffer huge real world damage as a result of cyber attacks, and often use out-dated or undersized security infrastructure. Nation-state and state-sponsored attacks are the most likely to target these critical sectors, especially with regard to the Russia-Ukraine war and tenuous relations between China and Taiwan.

ZeroFox noted businesses looking to enhance their protective capabilities, which include backing up critical data to off-site encrypted cloud storage, monitoring network access and device configurations, and adopting an organization-wide zero-trust cybersecurity architecture to keep device access to the minimum required for operation.

More from TechRadar Pro

TOPICS
Benedict Collins
Benedict Collins
Senior Writer, Security

Benedict is a Senior Security Writer at TechRadar Pro, where he has specialized in covering the intersection of geopolitics, cyber-warfare, and business security.

Benedict provides detailed analysis on state-sponsored threat actors, APT groups, and the protection of critical national infrastructure, with his reporting bridging the gap between technical threat intelligence and B2B security strategy.

Benedict holds an MA (Distinction) in Security, Intelligence, and Diplomacy from the University of Buckingham Centre for Security and Intelligence Studies (BUCSIS), with his specialization providing him with a robust academic framework for deconstructing complex international conflicts and intelligence operations, and the ability to translate intricate security data into actionable insights.