“The year to come will pass by quickly, and I’m getting prepared: here’s what’s new”
Lucio Dalla
The 2023 disaster
Even in this year that has just ended, Italy has been cornered by cyber attacks.
Indeed, in our country, there has been a 40% increase in incidents compared to 2022, in contrast with the global trend of the last five years, in which the increase has been 11%.
Although we have already talked about it in this blog, with the beginning of the new year it is important to briefly recall the data that emerged from the update of the Clusit report for the first six months of 2023, which saw, as of 2018, an overall increase in incidents in Italy, which rose to 300%, compared to 61.5% globally.
Over the five years, 505 known attacks of particular gravity affected Italian organisations, of which 132 – or 26% – occurred in the first half of 2023.
During this period, 9.6% of the world’s attacks have been successful in our country.
While we thought that 2022, with its 188 attacks, which already constituted a negative record for our country – marking a growth of 169% compared to 21% worldwide – had made it a bleak year, the first part of 2023 certainly held a nasty surprise, registering frightening numbers, despite the considerable increase in spending on cybersecurity and the numerous outreach and awareness-raising initiatives.
The outlook for 2024
With this in mind, we try to take a look at the year ahead, thanks to the contribution provided by the Cyberthreat Predictions for 2024 report, prepared by the Fortinet team.
What immediately becomes evident is the new attack methods that are “adapting” to Artificial Intelligence, whose presence we are getting used to living alongside in all areas of our lives, and which is greatly facilitating cybercriminals.
There is, in fact, a growing use of AI by hackers to support malicious activity in new ways, ranging from the circumvention of the detection of social engineering to the imitation of human behaviour. Thanks to the growing capabilities of the tools at their disposal, hackers will be able to increase the level of sophistication of their activities by launching more targeted attacks that will probably be able to evade the different types of controls.
Future threat trends
Increasingly attractive strategic sectors.
Cybercrime groups, in general, are expected to diversify their targets and strategies, focusing on more sophisticated and disruptive attacks and targeting denial-of-service (DoS) and extortion. This is why the most interesting sectors to target will increasingly be large and strategic ones, such as health, finance, transport and, in general, public utility services, which, if breached, can generate a very strong negative impact on the entire community and, consequently, a much more substantial profit for hackers.
Zero-day, an increasing risk.
As technology develops, organisations expand the number of platforms, programs, and applications they rely on for day-to-day business operations. The consequence of this is that cybercriminals have more opportunities to discover and exploit software vulnerabilities. In 2023, the emergence of a record number of zero-day attacks was observed, a figure that is constantly increasing.
Zero-day is defined as a cybersecurity vulnerability not expressly known to the developer or production company. It is called zero-day precisely because it has been zero days since the vulnerability was discovered by the developer, who had “zero days” to repair the flaw before any attackers could exploit it.
Researchers expect to see the emergence of zero-day brokers, which are cybercrime groups that sell these types of threats on the dark web to multiple buyers. For these reasons, zero-days will continue to pose a significant risk to organisations as well.
Watch out for big events
2024 will be the year of the American presidential election and the Paris Olympics. Experts expect that the attackers will take advantage of these great events and that they are already preparing to face them, armed, compared to the past, with new tools such as artificial intelligence.
The risk of 5G
Attackers will inevitably continue to expand the set of tactics, techniques, and procedures (TTPs) they use to compromise their targets. Moreover, with access to an ever-widening range of connected technologies, cybercriminals will inevitably find new opportunities for compromise. Given the increasing number of devices that are online every day, it is expected that cybercriminals will take greater advantage of connected attacks in the future. A successful attack against 5G infrastructure could easily compromise critical sectors such as oil & gas, transport, public safety, finance and healthcare.
The increasingly important human factor
Risk awareness is increasingly widespread in organisations and, as a result, security controls are becoming more structured and effective. It is an approach that makes life more difficult for hackers that aim to infiltrate from the outside. For this reason, the criminals will intensify the internal recruitment of the target, strengthening both the reconnaissance phase and the development phase of the malware specific to certain vulnerabilities. Organisations, therefore, will have to create not only technological barriers, but above all human ones, in order to avoid opening the door to criminals. In particular, Italy, as we have seen, also due to a complex and varied economic situation, still experiences many vulnerabilities, largely due to the human factor, which remains, despite greater widespread awareness, the weakest link in the security chain.
Winning the challenge: the wish for 2024
What we need to do, therefore, is to focus on the human factor, strengthening it and transforming it into a solid barrier that is difficult to circumvent. The way forward is to prepare and roll out as much as possible training and effective Cyber Security Awareness programs, in which the use of innovative technologies in the fields of multimedia, artificial intelligence and machine learning are fundamental tools for a truly effective and measured training based on individual people.
It is, indeed, increasingly necessary to create a culture of cybersecurity, transforming the latter into a subject of teamwork and a goal for everyone, and not just the most experienced and specialised individuals.
Every user, supplier, and employee must be able to play their part in the fight against cybercrime by transforming from a weak link into a solid barrier that can complicate life as much as possible for increasingly cunning and slick criminals.
It is a difficult challenge, but one that can absolutely be won, with the right preparation and commitment.
This is our wish for 2024.
