Ransomware, AI, and social engineering all set to be 2024's biggest security threats

A digital padlock on a blue digital background.
(Image credit: Shutterstock / vs148)

Ransomware attacks reached a record high in 2023, and are set to continue to be a threat for some time to come, new research has warned.

In its 2024 Key Forecasts, ZeroFox Intelligence highlighted analysis of live threat intelligence data showing the rise, and warned that as a number of key elections are due in 2024, it expects an uptick in malicious campaigns and scams looking to spread misinformation.

Manufacturing and technology industries facing the greatest threat, the company said, with US based organizations will likely suffer more than 50% of global ransomware attacks in 2024 due to its sizable economic and digital infrastructure.

An evolving threat landscape

Social engineering is expected to rise as a result of phishing campaigns utilizing new techniques and malicious attachments. Search engine optimization (SEO) will also see increased levels of manipulation by threat actors looking to make their scams appear more legitimate, or use more legitimate domains.

AI will see an increased use by threat actors and the cyber security industry as its abilities evolve. Synthetic media generated by AI will be used to target elections, and spread misinformation, disinformation, and malinformation. However, there is potential for AI to enhance defense capabilities concerning cyber security and the detection of synthetic media.

There is a growing threat that cyber attacks will have increasing physical damages, most likely affecting finance, energy and healthcare. These critical sectors can suffer huge real world damage as a result of cyber attacks, and often use out-dated or undersized security infrastructure. Nation-state and state-sponsored attacks are the most likely to target these critical sectors, especially with regard to the Russia-Ukraine war and tenuous relations between China and Taiwan.

ZeroFox noted businesses looking to enhance their protective capabilities, which include backing up critical data to off-site encrypted cloud storage, monitoring network access and device configurations, and adopting an organization-wide zero-trust cybersecurity architecture to keep device access to the minimum required for operation.

More from TechRadar Pro

Benedict Collins
Staff Writer (Security)

Benedict Collins is a Staff Writer at TechRadar Pro covering privacy and security. Before settling into journalism Ben worked as a Livestream Production Manager, covering games in the National Ice Hockey League for 5 years and contributing heavily to the advancement of livestreaming within the league.

He has a MA in Security, Intelligence and Diplomacy, alongside a BA in Politics with Journalism, both from the University of Buckingham. Outside of work Ben follows many sports; most notably ice hockey and rugby. When not running or climbing, Ben can most often be found deep in the shrubbery of a pub garden.