Top 5 Data Security Incidents of 2023 and Predictions for 2024
Notable trends and threats emerged in the cyber landscape of 2023, shaping cyber security’s direction. The growth of generative AI, as exemplified by applications such as ChatGPT, represented a watershed moment for artificial intelligence, demonstrating its potential while also introducing new concerns. The Zscaler ThreatLabz team’s investigation revealed an increase in AI/ML traffic and usage across companies, but this widespread adoption also presented issues. Ransomware attacks increased by 37% in 2023, indicating a shift towards encryption-less approaches, as demonstrated by the Clop ransomware’s enormous data theft using the MOVEit tool. Social engineering tactics became trickier with the integration of AI, emphasizing the need for heightened vigilance. The emergence of a new security paradigm, “zero trust architecture,” became imperative in response to outdated protective measures. As we transition to 2024, predictions foresee increased AI-powered attacks, smarter ransomware leveraging RaaS, rising MiTM threats, and adaptive responses to evolving regulations. Organisations are urged to fortify their defences, adopt advanced security measures, and embrace the dynamic landscape of cyber security.
Taking a backward look at the data security landscape of 2023 reveals a year filled with important incidents that have profoundly impacted the cyber security narrative. As we investigate the top five data security incidents that occurred, we obtain vital insights into the developing strategies of cyber attackers. Furthermore, we look ahead to 2024, anticipating the trends and problems that will shape the forthcoming year in the field of data security. Join us on this journey as we examine the past and predict the possible situations that will define the cyber security landscape in 2024.
Rewind to 2023: Cyber Trends and Threats
1. The Evolution of Generative AI in 2023
Looking back, 2023 was a crucial year for artificial intelligence (AI), marking its significant rise in our awareness. This period introduced both exciting possibilities and risks through generative AI technologies. Notably, applications like ChatGPT showcased the transformative power of AI and machine learning, changing how organisations operate.
In September, the Zscaler ThreatLabz team analyzed AI/ML and ChatGPT trends within enterprises throughout the year. They found clear increases in both AI/ML traffic and usage.
However, the widespread adoption of AI has a downside. Bad actors are now using AI to make phishing attacks more sophisticated, create hard-to-detect malware, and speed up the development of threats in various areas. This puts security leaders and organisations at a crossroads, needing to find the right balance between benefiting from AI’s progress and dealing with the challenges posed by AI-powered threats.
2. Resurgence of Ransomware in 2023
In 2023, ransomware had a big impact, becoming a worrisome trend. ThreatLabz research showed a significant 37% increase in ransomware attacks. These attacks demanded, on average, $5.3 million from businesses, and payments went over $100,000.
Ransomware groups became more advanced in 2023. ThreatLabz noticed an increase in attacks without encryption, making the process smoother for attackers. Without encryption, they could take data quietly before asking for a ransom.
A significant event in 2023 was the Clop ransomware attacking the MOVEit file transfer tool. This became the biggest data theft of the year, affecting 83 million people and almost 3,000 organisations. It shows that the supply chain is still a big vulnerability in business security, highlighting the ongoing challenges posed by evolving ransomware tactics.
3. Trickier Tricks with Social Engineering
Before, tricks that exploit people’s vulnerabilities were a problem, but now, with AI in the mix, these tricks are even more dangerous. AI made common tricks like phishing and smishing (SMS phishing) more advanced and effective. In 2023, there was a noticeable change: more scams involved voice messages, known as vishing (voice phishing). ScatteredSpider, linked to the BlackCat group, used this tactic and caused a lot of harm, especially to the gaming industry. Last year, we saw social engineering attacks changing quickly, and this makes it harder to find and stop them.
4. The Rise of a New Security Approach
The cyber security challenges in 2023 highlight a clear message for organisations: they need to update how they keep their information safe and adopt a new way of thinking called “zero trust architecture.” Old methods of securing information, such as classic virtual private networks (VPNs) and firewalls, cause more difficulties than they solve. These methods not only make it easier for cyber threats to attack but also make it harder for organisations to deal with advanced threats and the demands of cloud technology.
In 2023, there was a noticeable increase in problems with VPNs, and almost half of the organisations reported being attacked through their VPNs.
The good news is that 92% of these organisations are looking into or already using the zero-trust approach. This shows that more organisations are recognizing the importance of zero trust as a top priority in 2023.
5. Trouble with Business Tools
In 2023, bad actors started targeting the companies that provide essential tools for businesses. This shows that the wider digital network that supports businesses is becoming more vulnerable. Many tools that businesses rely on every day are connected, making them easier targets. The reasons behind these attacks vary, from wanting money to stealing important login information, and sometimes even for political reasons in the case of attacks by nations. This shift in focus on these tools highlights the importance for companies to go beyond just protecting their systems. The solution? Having a more advanced plan to manage risks from outside parties.
2024 Predictions: AI, RaaS, MiTM (and More)
1. AI-Powered Attacks on the Rise
In 2024, we expect more attacks using advanced AI technology. AI-driven tools will be widely used by cyber attackers to automate tasks like finding weak points in systems, crafting fake emails, and identifying vulnerabilities. This makes it easier for them to carry out attacks on a larger scale.
The use of AI in cyber attacks is concerning. There are reports of malicious versions of AI tools circulating on the dark web, indicating a potential rise in unethical AI use in cyber threats. In the U.S., where it’s an election year, it’s crucial to safeguard critical systems against AI-powered misinformation and other elusive attacks.
To stay safe, organisations need to be extra careful. This includes training employees to recognize social engineering and AI-specific threats, and holding vendors responsible for providing secure AI-powered cyber security. It’s a matter of using advanced AI and other techniques to protect our data, devices, and networks against these evolving cyber threats.
2. Ransomware Gets Smarter
In 2024, we expect ransomware attacks to become more advanced, thanks to something called Ransomware-as-a-Service (RaaS). This means even less skilled cyber criminals can use sophisticated tools to carry out successful attacks. There’s also a new trend where brokers help criminals get unauthorized access to networks, making it easier for them to launch attacks. Instead of encrypting data, attackers are using different tactics to avoid detection, making it harder for organisations to protect themselves.
To stay safe from these evolving threats, organisations need to focus on a zero-trust protection plan that covers every step of an attack, from the initial compromise to the actual attack. It’s all about being extra cautious at every stage to prevent these smarter ransomware attacks.
3. Watch Out for Middle-of-the-Road Attacks
In 2024, companies need to be careful about middle-of-the-road attacks, also known as Man-in-the-Middle (MiTM) attacks. These attacks could become more common if organisations don’t have a strong security system, like “zero trust architecture.” This is a concern because tools for these attacks are now more accessible to cyber criminals.
To stay safe from MiTM risks, such as unauthorized access and data theft, companies must use advanced security measures. This includes having a robust security system, thoroughly checking data communication, and using a special type of authentication called FIDO2 multifactor authentication (MFA). Without these safeguards, organisations might have vulnerabilities in how they communicate and verify user identities. Therefore, in 2024, companies must prioritize these security measures.
4. Guarding Against Attacks on AI Systems
In 2024, there’s a danger of attacks targeting vulnerable parts of AI systems. As different components of AI systems become more connected, both the starting and ending points could be at risk.
Attackers are figuring out new ways to exploit weak points beyond the usual methods. With companies increasingly using AI, especially large language models (LLMs), concerns about the security of the entire system are growing. If not adequately protected, AI systems can become targets for attackers looking to tamper with training data, manipulate updates, or insert harmful algorithms. This could provide a gateway for attackers to access a company’s data or systems.
To avoid these risks, companies must recognize the importance of having a robust and secure system, often referred to as a resilient supply chain. It’s vital to invest in protection against the serious consequences of an attack on the supply chain. This includes securing the parts of the system connected to the internet and implementing security controls to restrict attackers’ movements. In summary, companies need to approach this cautiously to protect not only their own AI systems but also those of the companies they collaborate with.
5. Changing Attacks Because of New Rules
When the U.S. Securities and Exchange Commission (SEC) introduces new rules, attackers might change their tactics. The SEC now requires companies to disclose important security breaches. In response, attackers may become even sneakier. They might use advanced methods to stay hidden, like tricky evasion techniques and encryption, to keep their access undetected for longer.
Also, they might target less important systems more often to stay under the radar, gather information, and quietly get more control. Trying to avoid disclosing breaches right away, attackers could focus more on exploiting vulnerabilities in third-party and supply chain systems. In short, the future might see attackers adapting to these new rules with smarter and more strategic approaches.
Conclusion
Finally, the retrospective study of the top five data security incidents in 2023 provides a critical basis for understanding the complex nature of cyber threats and their impact on organisations. These instances demonstrate the ongoing necessity for strong cyber security measures in an ever-changing digital ecosystem. Looking ahead to 2024, the forecasts offer a proactive look at anticipated obstacles and developing trends, directing stakeholders toward strategic and adaptable security approaches. As we approach the start of a new year, the insights garnered from the past and the foresight
CTA
With Cyber News Live stay informed and protect your digital assets in the ever-changing field of data security.