6 Top Cybersecurity Threats of 2024

Every year sees new and evolving threats. As we contemplated the top cybersecurity threats of 2024, the rapid evolution of AI capabilities means this year is poised to see more changes than usual. Read on to learn our expert team’s picks for the top cybersecurity threats of 2024 and how your organization can reduce your risk.

Our Predictions for the 6 Top Cybersecurity Threats of 2024

1. Cloud concentration
2. Software vulnerabilities
3. Evil AI
4. Bring Your Own AI (BYOAI)
5. Evolving regulations (OK, this one is a trend, not a threat)
6. Hacktivism and geopolitical threats

Let’s jump right into the details on these top cybersecurity threats of 2024 and how you can proactively prepare to reduce your organization’s risk.

1. Cloud concentration

Cloud use is ubiquitous in today’s business environment—it’s cost-effective and efficient. Gartner predicts that by 2025, 95% of new digital workloads will be deployed on cloud-native platforms. However, as more applications, sensitive data, and on-premises processes move to the cloud, your organization can be highly dependent on your cloud provider(s) to run normal daily operations. With many organizations focusing on a small number of providers to simplify IT management, we agree with Gartner that cloud concentration is a top emerging risk.

If your cloud provider(s) is compromised, there is a wide “blast radius” that can paralyze your organization. For example, over 94 million individuals and 2,700 organizations have been impacted by the 2023 vulnerability in the MoveIT security file transfer application, which is used both in the cloud and on-prem (often by third-party technology vendors). That number is still rising, many months after the initial exploit was announced.

In addition, concentrating services with one provider can restrict your future technology choices and potentially create certain regulatory compliance challenges. To limit your risk from this top cybersecurity threat in 2024, read LMG’s Top Controls of 2024. In particular, make sure you have an effective Supplier Risk Management program and conduct a Data and Asset Inventory (so that you can reduce your data and therefore reduce your risk).

2. Software vulnerabilities

From known exploits to zero-day exploits, hackers target software and its components to break into your systems. The CISA Known Exploited Vulnerabilities Catalog now has over 1,000 known vulnerabilities. Furthermore, exploit kits are easy and cheap to purchase on numerous dark web marketplaces, so even less skilled criminals can quickly and easily exploit software vulnerabilities. From breached libraries like Log4J to zero-day exploits, you will likely face several software vulnerabilities in 2024. While our Zero-Day Prevention and Response Checklist provides more detailed information and action items, here are several controls you can implement to reduce your risk of being breached using this top cybersecurity threat in 2024:

1. • Ensure you have a scanning and vulnerability management solution. These solutions enable you to reduce your risk by routinely scanning your environment and effectively managing vulnerabilities.
   • Conduct penetration testing. Regular penetration testing is crucial for a strong cybersecurity posture. It enables ethical hackers to find your security gaps before criminals exploit them and helps you understand and effectively prioritize your cybersecurity investments. Some organizations think these gaps can be identified by the vulnerability scans we mention above, but penetration testing goes much further and catches errors scans can’t find. For example, in January of 2024, Microsoft discovered that Russian hackers had infiltrated their systems through a password spraying attack (likely due to a weak or old, breached password). The attackers initially breached Microsoft in November of 2023 by exploiting a legacy/test system that did not have the same controls as their production environment. Exploiting legacy/test systems is a common attack target because it is so often effective. Once the attackers exploited the test environment, they moved to a production platform and ultimately gained access to sensitive information, including emails of Microsoft leadership. To prevent this type of attack, see LMG’s list of Top Security Controls for 2024. Specifically, schedule an annual penetration test to proactively find security gaps, implement strong Multi-Factor Authentication (MFA), configure Identity and Access Management (IAM), and conduct cloud configuration reviews to identify misconfigurations or outdated security controls.

3. Evil AI

It’s no surprise that the advances in AI and its integration into cybersecurity offense and defense are evolving rapidly. As organizations work to refine AI’s security precautions, criminals are working just as hard to develop “Evil AI”. In fact, LMG’s research team recently went to the dark web to buy a license for an Evil AI product, WormGPT, to test the current capabilities. Our research team found that WormGPT can quickly and effectively generate malware, create sophisticated vulnerability exploits, generate error-free phishing campaigns, and offer step-by-step guidance on hacking. Evil AI will be a top cybersecurity threat in 2024 because it will enable even minimally skilled attackers to quickly create high-quality phishing emails with minimal spelling and grammar mistakes, malicious code, and more.

The image screenshot was taken in the LMG malware lab and shows an online dark web advertisement for WormGPT.

To combat Evil AI, you need a strong security posture. It’s critical to ensure your employee awareness training focuses on today’s evolving threats, as they are your first line of defense. Phishing is getting harder to spot, so regularly send reminders to be on the lookout for phishing, use high quality MFA and passwordless authentication wherever you can, and educate your team on social engineering attacks. Read our employee social engineering training tips and our update on the state of passwordless authentication for more tips.

4. BYOAI – Bring your own AI

Like shadow IT, often organizations don’t know employees are using AI at work. Many employees now regularly upload notes and information into personally controlled AI services to generate articles, meeting summaries, email content, and much more. While these productivity gains are great for everyone, the downside is that if employees feed your organization’s sensitive or private data into the AI, it can be used as part of the AI’s training data and be publicly disclosed. In addition, if the employee’s AI account is hacked, any information they entered can be disclosed. To counter this risk, many companies are banning AI use until they have policies and controls in place.

5. Evolving regulations and standards

While increased regulation is not a threat, this trend will continue to impact cybersecurity practices for many organizations in 2024. From SEC breach disclosure rules to FTC qualified cybersecurity leadership requirements to upcoming NIST 2.0 changes, changing regulations and standards are impacting many organizations. There are many additional updates planned for 2024. Here’s a list of some anticipated changes that could impact your cybersecurity program:

• • March 31: PCI DSS 4.0 is scheduled to be released (while PCI DSS is not a regulation, it is a standard that impacts organizations that process payment cards).
  • May 13: New FTC data breach reporting rules are anticipated.
  • June 15: SEC is expected to release cybersecurity reporting rules for smaller companies.
  • July 1: Three new state data privacy laws are scheduled to go into effect in Florida, Texas, and Oregon.

To address changing requirements for skilled cybersecurity leadership, many small and medium-sized organizations may be best served by starting with a virtual, outsourced CISO. IBM found that having a skilled CISO decreased the average cost of a breach by $130,086. However, hiring a full-time CISO is difficult (they are in short supply) and expensive. Many SMBs can get the guidance they need and satisfy regulatory requirements with a part-time, virtual CISO. This enables you to save money while still getting the expert guidance you need to reduce cybersecurity risk.

6. Hacktivism and Geopolitical Threats

While most years see a relatively small number of geopolitical attacks compared to financially motived attacks, the Russian-Ukraine war and rising conflicts in the Middle East have boosted hacktivism and geopolitical threats onto our list of top cybersecurity threats for 2024. These attacks are not new: back in 2016, Russian attackers targeted the Ukraine with the NotPetya attack, which ultimately spread throughout the world and caused an estimated $10B worth of losses. Today, nation-state hackers continue to target critical infrastructure like water supplies, gas pipelines, and more to influence national security. For example, in 2023, a Russian hacking group broke into the Ukraine’s largest telco provider. They hacked the system, then waited until a critical point in the war to wipe data and disabled multiple communications systems. We predict cyberwarfare will be more prevalent in 2024, which raises risk throughout the world.

In the US, the FBI has been warning for the past year that hackers continue to target US critical infrastructure. The upcoming U.S. presidential election is adding to the risk, triggering new types of scams and cyberattacks. For example, a robocall went out during the New Hampshire primaries that used an AI-generated deepfake of Biden’s voice telling Democrats to stay home and not vote.

In today’s global economy, cyberattacks often spread, and the fallout can have both targeted and worldwide impacts. The best defense against these attacks is a strong overall cybersecurity posture.

We hope you found these predictions for the top cybersecurity threats of 2024 helpful! We recommend you take proactive steps to counter these threats and reduce your organization’s risk. Check out our Top Controls of 2024 for a list of the tools and controls that we predict will deliver the biggest impact and help combat these threats. Stay tuned for our weekly blogs and quarterly security control analysis for continued guidance to reduce your organization’s risk. You can also follow us on LinkedIn where we share news, cybersecurity tips, and more. If you’d like more details and proactive prevention advice for these top threats, please watch our 1-hour, on-demand video of the 6 Top Cybersecurity Threats of 2024.

We know managing all of these processes and solutions is a lot. Please contact us if you need help. Our expert team can help you decide what to do next or support you with expert testing, policy and process guidance, cybersecurity solutions, and training. Have a safe 2024!