What 2024 Holds for Cyberattacks

By Angel Israel Gutierrez - A3Sec
CTO

By Angel Israel Gutierrez | CTO - Mon, 01/01/2024 - 09:00

Cybersecurity has been a constant concern for all of us, and in 2024, it will be no different. In fact, with the evolution of cyber threats and the increasing interconnectedness of our lives, cybersecurity will become an even more pressing issue.

One of the key factors is the growth of the attack surface that cybercriminals can reach. Before, the only thing that could be attacked was a computer, either at home or in the workplace. Viruses that spread through storage devices were common, but once we were connected to the internet, viruses were able to infect through unsecured connections. Many of us remember Ares, where you would download a song or a virus and your information was lost.

Up to that time, everything remained within the computers. Now, computers, cellphones, printers and almost any device connected to the internet can be attacked. Just to give you an idea, in Mexico there are 100.6 million users accessing the internet from different devices. Of all these users, 95.9% access the internet through mobile devices, with an average usage of 8 hours and 7 minutes, meaning the possibilities for information theft are too many.

Cybersecurity is becoming increasingly relevant during discussions at the World Economic Forum in Davos. Sessions are focused on the subject because the risks in this context are becoming increasingly relevant for companies and governments.

Social Engineering the Main Weapon of Attack

In 2024, social engineering will be the main weapon that cybercriminals will develop to attack companies, governments and individuals. Social engineering is the psychological manipulation of people to make them perform actions or share confidential information. A classic example, from outside the digital environment, is the supposed call from the bank informing us about unauthorized charges and then asking for access to our information. These calls succeed because they use psychological principles to pressure the person into performing an action. But this has moved to the virtual plane, and we see these tactics in emails, SMS messages, and even WhatsApp messages.

The different methods of social engineering give rise to ransomware, which is a form of malicious software that blocks the user's files or devices. The cyberattacker then demands an online payment to allow companies or individuals to recover that information. In this way, we could see attacks on companies like Uber or those similar to the famous case of the Guacamaya Leaks. In 2024, this will be more common as cybercriminals improve these social engineering processes and begin to create malicious software capable of constantly changing its identifiable characteristics to evade detection (polymorphic malware).

AI as a Weapon for Cyberattacks

Beyond the controversy caused by applications with artificial intelligence (AI), some of these tools can be used by attackers as support in the creation of a plan for a socially engineered cyberattack; for example, AI can be used to generate phishing messages and to impersonate specific individuals. Attackers can develop automation methods by collecting data online and sending it to LLMs (large language models) in order to produce draft letters imitating the personal style of someone close to the victim.

The Cloud as Main Cyberattack Concern

The massive use of cloud platforms is enabling companies to change their business models and drive new forms of growth, but it is also causing a significant increase in security concerns among executives. Behind this concern are the multiple attack vectors that the cloud opens up and the numerous controls that companies must put in place to protect themselves in areas such as identity and access, email accounts, web portals, applications, operating systems, customer interactions, and so on.

It is worth remembering that in the cloud, responsibility for security is shared: it falls on the service provider, but the client and its users are also jointly responsible for the correct use of the service.

Is it possible to avoid becoming a victim of social engineering?

Social engineering attacks are particularly difficult to counter because they are designed to exploit human traits, such as curiosity, respect for authority or the desire to help a friend.

According to PwC's Digital Trust Insights 2024 study, 7 in 10 senior executives, 69%, say their company plans to use generative AI for its cybersecurity strategies in the next 12 months. Forty-seven percent, nearly half, are already using it for cybersecurity risk detection and mitigation, and one-fifth, 21%, of respondents are already seeing benefits in their cybersecurity programs thanks to GenAI, just a few months after its public debut.

If your company has a comprehensive, end-to-end prevention, backup and recovery plan in place, it is less likely to fall victim to an attack that ends in ransomware. However, for companies without the right backup and recovery solutions in place, paying the ransom may seem quicker and easier. But paying the ransom comes with no guarantees, and often the data is not recovered. Protecting your organization from the effects and costs of a social engineering attack means being prepared at every point in the cycle of a cyberattack that aims to deliver ransomware. That includes having plans for before, during and after an attack. The main point is to shield all digital assets.
 
