Derek Manky , Chief Security Strategist and VP of Global Threat Intelligence at FortiGuard Labs , discusses new threat trends to watch out for in 2024 and beyond .

ith the growth of

Cybercrime-asa-Service ( CaaS ) operations and the advent of Generative AI , threat actors have more ‘ easy ’ buttons at their fingertips to assist with carrying out attacks than ever before .

By relying on the growing capabilities in their respective toolboxes , adversaries will increase the sophistication of their activities . They ’ ll launch more targeted and stealthier hacks designed to evade robust security controls , as well as become more agile by making each tactic in the attack cycle more efficient .

In our 2024 Threat Predictions Report , our FortiGuard Labs team looks at a new era of advanced cybercrime , examines

Derek Manky , Chief Security Strategist and VP of Global Threat Intelligence at FortiGuard Labs how AI is changing the ( attack ) game , shares fresh threat trends to watch for this year and beyond and offers advice on how organisations everywhere can enhance their collective resilience against an evolving threat landscape .

The evolution of old favourites

We ’ ve been observing and discussing many fan-favourite attack tactics for years and covered these topics in past reports . The ‘ classics ’ aren ’ t going away – instead , they ’ re evolving and advancing as attackers gain access to new resources .

For example , when it comes to advanced persistent cybercrime , we anticipate more activity among a growing number of Advanced Persistent Threat ( APT ) groups . In addition to the evolution of APT operations , we predict that cybercrime groups , in general , will diversify their targets and playbooks , focusing on more sophisticated and disruptive attacks and setting their sights on denial of service and extortion .

Cybercrime ‘ turf wars ’ continue , with multiple attack groups homing in on the same targets and deploying ransomware variants , often within 24 hours or less . In fact , we ’ ve observed such a rise in this type of activity that the FBI issued a warning to organisations about it earlier this year .

And let ’ s not forget about the evolution of Generative AI . This weaponisation of

AI is adding fuel to an already raging fire , giving attackers an easy means of enhancing many stages of their attacks . As we ’ ve predicted in the past , we ’ re seeing cybercriminals increasingly use AI to support malicious activities in new ways , ranging from thwarting the detection of social engineering to mimicking human behaviour .

Fresh threat trends to watch for in 2024 and beyond

While cybercriminals will always rely on tried-and-true tactics and techniques to achieve a quick payday , today ’ s attackers now have a growing number of tools available to them to assist with attack execution . As cybercrime evolves , we anticipate seeing several fresh trends emerge in 2024 and beyond . Here ’ s a glimpse of what to expect :

Give me that big ( playbook ) energy : Over the past few years , ransomware attacks worldwide have skyrocketed , making every organisation , regardless of size or industry , a target . Yet , as an increasing number of cybercriminals launch ransomware attacks to attain a lucrative payday , cybercrime groups are quickly exhausting smaller , easier-tohack targets . Looking ahead , we predict attackers will take a ‘ go big or go home ’ approach , with adversaries turning their focus to critical industries-such as healthcare , finance , transportation and utilities – that , if hacked , would have a sizeable adverse impact on society and make for a more substantial payday for

74 www . intelligentciso . com