3 cybersecurity trends & tips for businesses and employees in 2024
2024 looks set to be the year in which cybercriminals once again shift up a gear. Threats that we have been monitoring closely for some time will mature and reach new heights in the coming period.
We highlight three of them, look at their recent evolution and how they will target our businesses and employees. Don’t worry: we also provide some tips on how to best guard against these new trends in cybercrime.
1. Buy a license for ransomware
Ransomware-as-a-Service (RaaS) is certainly not new. It is, however, an industry that continues to evolve. While it has long been possible for a beginning criminal to buy a ready-made ransomware package, today that has shifted to a model that receives updates throughout the year and stays up-to-date.
Criminals no longer buy the software, but rather a license – just as you would for an Office package. The developers of that software, often organized gangs, receive a share of the proceeds of each successful transaction; often a 30% share. In return, the licensee receives regular updates and thorough support throughout the ransomware process. Does a victim fail to make a payment? Then the licensee can get support from the “professional” provider.
As a result, ransomware is less likely to be defused, as even inexperienced hackers can continue to exploit new vulnerabilities without any effort, backed by a network of professionals. Whereas it used to be enough to run your updates every day to fix vulnerabilities, today you may remain vulnerable even after that as hackers are automatically provided with new access paths to your system.
Our tip: Think in layers
There is no miracle solution that secures your network or devices. If in the past you could imagine yourself safe with a good antivirus or a firewall, today it is impossible to secure your entire digital environment with a single button. So it comes down to deploying the right combination of applications, solutions and methods.
That sounds like a big investment? Well, it may be a lot cheaper than having to pay a large sum of ransom for your data, or lose several weeks or months of time restoring backups. Besides, it’s certainly not necessary to throw out your entire current setup. Chances are you already have an extensive safety net of solutions in place, but it is equally likely that there are still some major loopholes in that net. Get the help of an expert who will look for blind spots in your security and propose an addition that makes maximum use of your existing IT infrastructure.
2. Triple extortion in ransomware
As if falling victim to a ransomware attack wasn’t bad enough, year after year cyber criminals manage to push the knife a little deeper into the wound. In the classic case, your data is encrypted and you pay a ransom to regain access to it. Some time later, a second layer was added: the threat that hackers had also stolen your data and would leak it online if you did not pay. So your problem was out in the open and your customers (and competitors) could see what data was up for grabs.
Today, a third layer has been added to this: those who don’t pay face a DDoS (Distributed Denial of Service) attack on their network. While a ransomware attack is challenging enough on its own (after all, you’re focused on recovering your data, through backups or otherwise), you also have to worry about your network or website going completely down, resulting in even more unavailability, unemployment, loss of money and reputational damage.
Our tip: Set up a strict incident response playbook and stick to it
Recent Proximus research shows that 43% of all Belgian companies have not yet set up a cyber incident response plan, or are in the process of doing so. In other words, almost half of our companies do not know what to do when disaster strikes. Meanwhile, the same research shows that 33% of all Belgian companies had to deal with a cyber incident last year.
As the approach of cybercriminals becomes more sophisticated, it is more important than ever to prepare thoroughly. If you take every possible measure to protect yourself or your company from a potential hack, but you don’t take any precautions for when things do go wrong, then all your efforts will have been in vain. With an incident response playbook, you can act immediately and not waste valuable time. Everyone knows their role and what measures need to be taken to prevent worse damage. Such a playbook can prevent significant reputational damage and save you money not only on recovery costs, but also on possible fines under the General Data Protection Regulation (GDPR) for stolen customer data. It is the key to effective response and recovery in the event of a cyber incident.
3. The AI hype is also reaching hackers
ChatGPT recently blew out its first candle. Copywriters, marketers, teachers and their students, the self-employed and almost everyone who occasionally struggles with written media (including code) praised the tool. Of course, it didn’t take long for cybercriminals to start using it as well. ChatGPT proved exceptionally useful for making existing malware more efficient, or simply writing new malicious code. Parent company OpenAI is also building other fun toys for “generative AI”: for example, Dall-E creates images on demand. Looking for a specific topic in a known style? Nothing is too crazy.
So it is becoming increasingly easy to create false images and misleading texts, and even unique voices are becoming easier and easier to mimic. On the regulatory side, the very first “AI Act” was recently (finally) voted through by the EU, but it remains to be seen how and especially how strictly it will be applied. And after all, what happens on the dark web stays on the dark web; in other words, the AI Act is the least of cybercriminals’ concerns.
Our tip: Awareness and education
The rise of AI makes it easier for criminals to create victims. Conversely, AI also makes it harder for end users to distinguish malicious messages and files from legitimate ones. More than ever, it comes down to recognizing the small details that give away the scam. Searching for spelling errors is no longer helpful; the real giveaways are in the senders’ email addresses, the URLs under the hyperlinks and so on, and of course in the knowledge that if an offer looks too good to be true, it probably is.
The only way to assist people in an increasingly complex and dangerous digital world is to continually educate them. Awareness campaigns must reach them throughout the year and preferably on a committal basis. Despite the fact that anyone can fall into the trap, we still hear daily that “it won’t happen to me.” Daily training is as indispensable as a well-stocked coffee machine in the workplace.
Moreover, thorough awareness training becomes mandatory in the upcoming NIS2 regulations. This requires organizations in key sectors to both take the necessary security measures and offer training to (executives). Since suppliers also come into the picture with this regulation, the spectrum for this obligation immediately becomes very broad – perhaps also for your organization.
A time of evolution
The start of the new year is the ideal opportunity to prepare for the dangers of the future as a company and an employee. In doing so, it is extremely important to take the time to analyze the past year and draw the necessary lessons. Where is there room for improvement? Are all the necessary security processes in place? Is there a clear recovery plan? If you are fully prepared, it certainly can’t hurt to put it to the test with a pen test (penetration test), for example. In this way, you will have a healthy, safe and more or less peaceful 2024.