Exfiltration ‘ransomware’ activity is just one of the threats companies will face this year.
Cybersecurity will continue to be a hot topic throughout this year. Many of the challenges facing enterprises during 2023 will still be present in 2024. According to Hiscox C3, the division of Hiscox that specializes in cybersecurity, there are five challenges that companies should focus on.
The first of these is the “rise of data exfiltration ransomware.” Criminals now prefer to blackmail in exchange for not leaking stolen information rather than encrypting files to demand a ransom for their release. Experts believe that cybercriminals will demand increasingly large payments for not disclosing confidential data.
Secondly, the “positive and negative aspects of artificial intelligence (AI)” must be taken into account at a time when the presence of this technology is growing thanks to the democratization of the major language models. On the one hand, it is a solution that enhances protection tools, the analysis of user activity and the automation of threat detection. But on the other hand, attackers leverage its capabilities to create tailored malware or run more realistic phishing campaigns.
“Payment diversion fraud continues to be a challenge,” adds Hiscox C3, about a cybercrime technique that involves manipulation to “induce employees to divert payments to fraudulent accounts.”
Another challenge is “political activist management” and actions that have patriotic or state advocacy undertones. “Groups of threat actors with ideological motivations have disrupted, and will continue to disrupt in 2024, various sectors both public and private such as banks, businesses, hospitals, railroads and government services,” the subject specialists warn. And “there is a possibility that these cyber-attacks could spread to organizations that are not involved in the conflicts”.
Finally, it has been detected that “advanced malware avoids detection” through procedures that do not generate alerts in order to go unnoticed. There is a real danger that this year malware is becoming more sophisticated and difficult to discover.
“All this puts companies in check regardless of their size, so in 2024 the purpose of companies should be to bet on investment in cybersecurity as their digitization increases, as well as on employees and their awareness and training, as they are the main targets of attacks and the weakest links in the chain,” notes Ana Silva, head of Cyber Product Underwriting at Hiscox Iberia.