Industry executives and experts share their predictions for 2024. Read them in this 16th annual VMblog.com series exclusive.
Cybersecurity lookback 2023: What it means for 2024
By Michael Kosak, Senior Principal Intelligence Analyst, LastPass and Alex Cox, Director, Threat Intelligence, Mitigation and Escalations (TIME), LastPass
This past
year has shown us some interesting developments in the cybersecurity domain. Driven
by technological advancements, these ever-expanding threats have been fueled
by the proliferation of IoT devices and the deployment of 5G technology, post-pandemic hybrid office
environments, and supply chain vulnerabilities, to name just a few.
As we move into the final quarter of the year, we
expect to see threat actors pivoting and reacting to changes in the news cycle,
and geo-political and technology landscapes, with an expected uptick in attacks
around the holidays. This is indicative of the "cyber arms race" that defenders
deal with year after year, setting the stage for more of the same in 2024.
What's next?
As we look ahead to 2024, we anticipate continued volatility
in the cybersecurity threat environment, with the geopolitical environment
creating a larger dynamic backdrop against which more specific trends will play
out. The ongoing conflicts in Ukraine
and the Middle East will drive cyberespionage and patriotic hacktivism attacks
with the potential to impact private companies either directly (as we have seen
with DDoS attacks targeting Western firms by KillNet and Anonymous Sudan) or
indirectly (as we saw with downstream impacts when attacks targeting Microsoft
disrupted customer access to Azure and Outlook). These conflicts, along with
the U.S. presidential election, will drive increased misinformation and
disinformation campaigns, sowing further general instability across the globe.
Outside of this broader geopolitical milieu, we anticipate a
few major issues that will shape the cybersecurity threat environment. Most of
these will be evolutions of threats we saw over the past year, and we can anticipate how to best mitigate
these threats before they outstrip existing defenses.
Everything old is new again
Ransomware has remained a popular attack mode, with
expectations that it will only continue to increase in popularity. We believe the
following cybersecurity trends will be driven in large part by these continued
threats, dictating the need for the following actions:
Prompt vulnerability patching.
Over the last year, we
have seen ransomware gangs leverage vulnerabilities to gain initial access with
phenomenal success, as demonstrated by these groups' leveraging
of the MOVEit and Citrix Bleed vulnerabilities. The Clop ransomware alone
accounted for hundreds of infections this year after the group incorporated the
MOVEit vulnerability as an initial access vector. Given these ransomware gangs'
success using these vulnerabilities, we can expect to see this tactic grow in
adoption and drive a further expansion of the zero-day market.
Boosting of defenses in Data Loss Prevention (DLP) to help stay ahead of ransomware developments.
The last year saw ransomware groups
increasingly shift their emphasis away from encryption to straight data
exfiltration and extortion with an increased emphasis on speed. A recent
report from Secureworks found that, in nearly two-thirds of the cases they
analyzed, ransomware operators had deployed their malware and exfiltrated data
within 24 hours of initial access, down from 4.5 days just the year before. As we move into 2024, we can expect to see
this trend continue, both in speed of action and emphasis on exfiltration, as
ransomware gangs adapt those tactics that have proven effective financially and
operationally, making DLP a cornerstone of ransomware prevention.
The move to passwordless authentication.
The third
trend in the coming year offers opportunities to take concrete steps to protect
yourself, your business, and your information in a way that hasn't been widely
available until recently, making now the time to move to passwordless
authentication. As exposed valid credentials continue to be one of the largest
drivers for data breaches and ransomware infections, the need to move to
passwordless authentication is clear.
And with major technology providers adopting the technology and making
it commercially available on a scale unknown even a year ago, it's easier than
ever to make the move. While we can expect a concurrent shift in threat actor
targeting to session tokens as valid credentials become less available, forcing
threat actors to adapt and throwing them off their game is how cybersecurity advances.
The impact of AI
And finally, no discussion of the 2024 cybersecurity threat
environment would be complete without a discussion of the impact of Artificial
Intelligence (AI) on the landscape. Given the rise in the use of AI across a
variety of applications, we expect AI to accelerate changes in both offensive
and defensive measures in cybersecurity. We can already see how this is playing
out on both sides of the coin. Major technology companies are integrating AI
into their security tools to help shorten response times, improve anomaly
detection, and automate responses (e.g., Microsoft's Security Copilot). Concurrently, threat actors are leveraging AI
to improve malware development, improve obfuscation, and generate more
convincing phishing emails. We can expect both of these trends to continue and
accelerate with some foreseeable consequences, like improved cyber defenses and
a lowered technological barrier to entry for threat actors to conduct
sophisticated attacks, and some not so foreseeable. Regardless, AI will be a
major factor in the 2024 cyber threat environment, for better and for worse.
As we've learned over the past year, being cyber-ready is critical.
And being cyber-ready is not just about protecting your organizational
assets. It's all about anticipating the next threat, ensuring you're always a
step ahead of bad actors to protect and defend your organization against harm.
ABOUT THE AUTHORS
Michael Kosak, Senior Principal Intelligence Analyst, LastPass
Mike Kosak has been an intelligence analyst for over 20 years working in both the public and private sectors. He has served in several senior analyst and management roles within the cyber threat intelligence field with a focus on operationalizing intelligence.
Alex Cox, Director, Threat Intelligence, Mitigation and Escalations (TIME), LastPass
Alex Cox is a recognized expert in security and cyber threat intelligence. He has spent over 20 years in various cyber security roles in the security product space and financial services industry. Currently, Alex is exploring all things password and building the threat intelligence function at LastPass.