Key Innovations Set to Revolutionise Cybersecurity for Enterprises in 2024

The incidents of malicious actors impeding sensitive organisational data for their benefit have been massive in the META region in 2023. All this happened due to the existing data security tech stack that wasn’t capable enough to reduce the attack surfaces or counterpart the innovative malicious activities. 

Highlighting the outcomes of these cyber threats, Kaspersky unveiled some cybersecurity review for the META regions at the 9th Cyber Security Weekend. According to the Kaspersky Security Networks (KSN)’s insights, 32.6% of ICS computers globally have been attacked with malware in the second half of 2023. 

Here is how these cyber thefts have significantly increased in the META region for the year 2023. 

How do ransomware attacks continue to challenge industrial cybersecurity in the META region?

Adding to his concern about the emerging cyber thefts, Evgeny Goncharov, head of Kaspersky ICS CERT, emphasised, “The industrial sector’s cybersecurity is continuously going through significant changes, with both new types of attacks and more sophisticated versions of old ones. Ransomware attacks are still a big problem, and hackers are getting better at targeting large, profitable companies with more advanced methods.” 

“Hacktivists who are motivated by social issues are also becoming more active, adding another layer of complexity to the threats. The transportation and logistics industry is especially vulnerable to these changes because its systems are becoming more and more digital. This combination of cyber and traditional crime is a serious threat to global supply chains. To protect themselves, organisations need to prioritise cybersecurity and keep improving their defences,” Evgeny added further.  

What will transform the cybersecurity landscape of industrial enterprises in 2024?

Kaspersky’s ICS CERT predictions for 2024 highlight the persistence of ransomware threats, a rise in cosmopolitical hacktivism, an outlook on the state of “offensive cybersecurity”, and transformative shifts in logistics and transport threats.

This analysis provides a foundation for understanding the cybersecurity challenges faced by industrial enterprises in 2024. Enlisted below are a few key takeaways from the report: 

Ransomware will continue to target high-value entities

Industrial enterprises are expected to be primarily concerned about ransomware. Large companies, unique product suppliers, and major logistics firms are at high risk of cyberattacks, causing severe economic and social consequences. Malicious actors are likely to target entities capable of substantial ransom payments, leading to disruptions in production and delivery.

Cosmopolitical protest hacktivism to rise significantly

Geopolitical hacktivism will see a significant surge, causing more destruction. Cosmopolitical hacktivism will rise, driven by social, cultural, and economic agendas. This diversification of motives will make the threat landscape more complex.

Subtler threats and detection challenges to grow

Using “offensive cybersecurity” to gather cyber threat intelligence can be controversial. It may enhance security by detecting potential compromises during the initial stages. However, there is a fine line between the gray area and the shadows that could be crossed. Profit-driven cyber activities equipped with commercial and open-source tools may operate more discreetly, making it difficult to detect and investigate.

Connected and automated logistics system to foresee shifts in cyber threats

The logistics and transport industries will continue to experience challenges due to rapid automation and digitisation. These challenges include theft of vehicles and goods, maritime piracy, and smuggling. Additionally, non-targeted cyberattacks will have physical consequences, particularly in river, sea, truck, and special-purpose vehicles.

Summing it up, 

The malicious actors will continue to implement innovative tactics to steal the organisational data in 2024. Consequently, it will push the IT and cybersecurity teams within the company to incorporate effective data security practices that reduce the attack surface.