The Biggest Cyber Attacks And Trends For 2024: AI, Zero-Trust, And IoT
How will AI-powered attacks impact cybersecurity? We have compiled a summary of the past year and the prospects for 2024.
In a Dell survey, over 90% of IT managers responded that their company had been exposed to some form of cyber activity in the past year.
NUKIB statistics also confirm this increase. While only 146 attacks were recorded in 2022, this number rose to 227 last year. As in the previous year, ransomware and DDoS attacks were the most frequent, both in the Czech Republic and Europe.
However, governments and regulators worldwide are responding to the growing threats by introducing stricter laws. For example, the Czech Republic is currently implementing the European NIS2 directive, in response to which many companies have begun to implement log and event management systems.
Cybersecurity At MasterDC
The types of attacks detected on the MasterDC network have not changed much since 2022. Traditional DDoS attacks have mostly affected publicly available websites and APIs, and malicious code has also infected insecure content management systems (CMS) such as WordPress.
“In 2023, we again experienced ransomware and targeted phishing campaigns on customers. As far as DDoS activity is concerned, our clients and websites in the Czech Republic in general were most affected by the activity of the pro-Russian hacktivists NoName057(16),” summarises Martin Žídek, CTO of MasterDC.
The change was a shift in attacks towards application floods from botnets. The frequency of classic volumetric reflection attacks has also fallen, while the volume of these attacks has increased.
So, what are the plans for the future? At MasterDC, we can outline that this year will be marked by modernisation and innovation on the network security side — specifically, two of its layers, AntiDDoS protection and the Data Retention (DR) system. “Implementing these new tools that automatically detect attacks, anomalies, and threats will make the MasterDC network more stable and resilient. In addition, the admin team will gain an even better overview of data flows within the network,” explains Žídek.
Cyber Attacks In 2023
The biggest ransomware attack of last year and the associated data leak is the work of the hacker group Cl0p. They exploited vulnerabilities in MOVEit, a file transfer and sharing application used by many companies worldwide, affecting more than 2,600 organisations and over 83 million users. The group also obtained sensitive data from Sony, IBM, the BBC, British Airways, and US government agencies.
The January attack on the US telecommunications company T-Mobile US affected more than 37 million customers. A second incident, reported in April, only affected approximately 800 customers. The leaked data included not only personal information but also PINs, social security numbers, or internal codes used by the company to service customer accounts.
HTTP/2 Rapid Reset
Google, Cloudflare, and AWS have all detected the largest DDoS attack in their history. It reached a size of 398 million rps (requests per second), with the previous record being 46 million rps. The HTTP/2 Rapid Reset attack was caused by exploiting a vulnerability in the HTTP/2 protocol, which is used by approximately 62% of internet traffic.
In October, the data of up to 7 million users was stolen from the US genetics and research company 23andMe. Stolen login credentials to user accounts were used to breach security. The leaked personal data included genetic test results.
Electoral Commission UK
In August, the UK Electoral Commission announced that a cyber-attack had stolen the personal data of all registered voters between 2014 and 2022. The attackers, undetected, obtained the data between August 2021 and October 2022 and managed to steal the personal details of 40 million people. The authority subsequently admitted that it did not pass its Cyber Essentials Security Audit in 2021.
What To Prepare For In 2024
Staying informed about new threats is vital in protecting your company’s infrastructure and preventing data breaches. So, what cybersecurity trends can we prepare for this year? For clarity, we have divided them into six areas.
1. Artificial Intelligence: Threat and Defence
As artificial intelligence (AI) capabilities increase, we will see more sophisticated attacks and more authentic fraudulent content using deepfake technologies (generating fake videos, images, voice messages, or impersonating real people). Spear-phishing, in particular, i.e., targeted attacks on specific individuals, is also expected to grow.
However, the same tools, if not better ones, are available to cyber security teams. They use the analytical abilities of AI to identify attacks, enabling faster responses to security threats. AI is also being used to strengthen software and network security. So, the conclusion is that by the end of 2024, AI is expected to play a crucial role for both defenders and attackers.
2. Ransomware Growth
2023 brought a record number of ransomware attacks. Cyberint’s report indicates that a total of 4,368 subjects were targeted, an increase of more than 50% compared to 2022. The situation is also made worse by overconfidence and optimism about the consequences of an attack. According to the figures, 74% of IT managers believe that they will get all their data back in the event of an attack after paying the ransom. Two-thirds were also confident that they would not be attacked again after payment.
The increase in attacks will also be driven by a drop in the price of Ransomware as a Service (RaaS), which makes it more widely available and complicates identifying the source. As a result, 2024 is expected to be even more challenging from a ransomware perspective, with small businesses facing the greatest onslaught. We recommend regularly backing up important data and preparing a disaster recovery plan for these situations.
3. Zero-Trust in the Supply Chain
Weak links in the corporate supply chain remain a critical vulnerability in enterprise security. Subcontractors often lack robust protection against attacks, becoming a gateway for hackers to access the data and infrastructure of large companies. According to experts, attackers in the supply chain will focus primarily on software developers to gain access to source code so they can infect it with malware.
Nevertheless, a fundamental transformation in the fight against these attacks will be implementing a zero-trust model – a security strategy based on the principle of not trusting any device or person and always verifying every request to enter the network, for example, by multi-factor authentication, minimising privileges, or implementing monitoring tools. The following infographic summarises how companies responded to the question of implementing a zero-trust model.
4. State-Sponsored Cyber Attacks and Hacktivism
As geopolitical conflicts persist, state-sponsored attacks will also continue to increase. They aim to exploit data, destroy IT infrastructure, or engage in long-term espionage. The most common tactics include phishing and DDoS attacks. However, the rise of wipers, malware in which attackers do not encrypt data but destroy it, is predicted.
Furthermore, with major elections coming up in the US and UK, we can expect the spread of disinformation using deepfake and eavesdropping malware. There will also be increasing cyber activity by hacktivists.
5. Cyber Insurance
The spread of awareness of cyber threats and the increasing frequency of attacks are contributing to the growing demand for cyber insurance. However, as the number of participants grows, policy prices are expected to stabilise this year. At the same time, insurance exclusions are expected to be expanded, and minimum security standards for entities should be stricter.
The development of AI is also significantly impacting the shape of the insurance industry. Its algorithms are being used to assess the cyber resilience of potential clients, and it provides insurers with the opportunity to offer cyber security services directly. Given the costs associated with insurance and the shortage of skilled personnel, organisations are expected to shift from a reactive approach to more effective defensive security.
6. Attacks on IoT and Mobile Devices
The ubiquity and interconnectivity of IoT devices present an attractive attack surface for hackers. Their vulnerabilities are compounded by the fact that some manufacturers are prioritising functionality over security. Compromising IoT devices can lead to large-scale DDoS attacks, unauthorised network access, or data theft. We can, therefore, expect attacks on these devices to become more frequent.
Mobile devices will not be left behind, either. Smartphones are most vulnerable to banking Trojans, phishing, and other mobile malware designed to trick victims into downloading malicious apps.
Prevention Is The Best Defence
As attackers’ methods and tools continue to evolve, companies must adapt and update their cybersecurity measures. This applies not only to their own practices but also to a thorough examination of their vendors’ security measures. An essential prevention point is obtaining up-to-date information, based on which companies can then implement appropriate security measures and minimise the impact of cyber risks.
Particularly with the rise of AI-powered cyberattacks, organisations should adopt a comprehensive strategy, including implementing technology solutions, employee training, and regular updates to corporate systems. For more tips on how to prevent attacks, check out last year’s MasterDC Cybersecurity Summary.