As technology continues to evolve and expand its reach into every facet of our lives, so do the threats posed by cyber criminals and nation-state actors. In our Google Cloud Cybersecurity Forecast 2024, we note several cybersecurity trends that organizations should prepare for in the coming year.
The rapid advancement of AI technologies will enable attackers to create more convincing fake audio, video, and images to conduct large-scale phishing and disinformation campaigns. These operations will likely involve impersonating executives in fraud schemes, spreading political misinformation, and sowing social discord. Defenders will need to stay sharp to identify manipulated media and mitigate the risks.
The forecast also warns that ransomware and extortion operations will continue to plague enterprises worldwide. Despite a stagnation in ransomware growth in 2022, numbers are quickly climbing in 2023. The profitability of these attacks means threat actors have strong incentives to continue compromising networks and stealing sensitive data. Organizations should ensure they have offline backups, incident response plans, and employee cybersecurity training to limit the business disruption caused by ransomware.
Threat actors will increasingly target cloud environments to establish persistence and move laterally between hybrid or multicloud segments of victim environments. Misconfigurations and identity flaws will be exploited to jump across cloud boundaries and escalate access. Companies need to properly secure cloud resources, manage identities, and monitor for suspicious internal activity.
Supply chain compromises affecting software and dependencies are also expected to persist. Developers are increasingly targets for threat actors seeking to initiate compromises via widely used open source packages. Rigorous vetting of third-party code and monitoring of package registries can help reduce this risk.
We have observed an increase in zero-day vulnerability exploitation since 2012, and 2023 is on track to beat the current record, set in 2021. We expect to see more zero-day use in 2024 by both nation-state attackers as well as cyber criminal groups. Organizations can implement zero-trust policies to limit the potential impact of a zero day prior to patch release. Once available, companies should prioritize implementing recommended mitigations and patches for actively exploited vulnerabilities.
Paying attention to trends in threat activity from industry experts can help security teams anticipate risks, prioritize internal plans for IT infrastructure and policy changes based on a holistic understanding of their organization’s unique threat profile, and proactively strengthen defenses before disaster strikes. With proper preparation, companies can effectively manage cyber risks even as the threat environment grows more complex.