The Cyber Defense eMagazine February Edition for 2024

vulnerabilities. Recent media reports have shown that while new vulnerabilities continue to be discovered,
recent attack trends focus on weaponizing old vulnerabilities.
Reports in 2021 suggested cyber attackers were targeting companies with cybersecurity insurance,
explaining that companies with insurance were thought to be more likely to pay ransoms than those
without since the policy covered their losses. While it is difficult to prove the logic, it has led some
insurance companies to exclude ransomware attacks from cyber insurance policies, forcing organizations
to rethink their strategies for responding to such attacks.
In terms of ransomware targets, healthcare organizations were reportedly the most frequently attacked
during 2022, with critical manufacturing attacks ranking second on the list and government facilities
ranking third. In 2023, healthcare remained a top target, though some experts predict a shift in 2024,
marking the education sector as a new priority target.
IoT security
A report issued in 2023 on IoT security revealed that the average home in the US has 46 devices
connected to the internet. Every 24 hours, those devices were targeted by an average of eight attacks,
including DDoS attacks and IoT malware. Experts expect IoT attacks to continue to rise in 2024 due to
the lack of standardized security standards in the IoT industry.
The trend toward remote and hybrid work is expected to continue in 2024 means IoT vulnerabilities are
a growing concern for many organizations. IoT vulnerabilities can give hackers access to employees’
home networks, which are now frequently connected to work networks. Trends in IoT-related
cybersecurity include enhanced training on cyber threats for employees.
AI-driven attacks and defenses
As the capacity and availability of artificial intelligence tools have grown, both cyber attackers and cyber
security experts have found creative ways to apply them to further their goals. For example, AI-powered
tools can be used to analyze security systems and uncover vulnerabilities, an exercise that can help both
attackers and defenders.
Generative AI tools like ChatGPT are predicted to play a role in crafting more effective cyberattacks in
2024, especially in the area of social engineering attacks. Generative AI tools can analyze communication
patterns and assist cyber attackers in preparing messages with a higher chance of fooling victims. AI’s
ability to support deepfake audio recordings could also be used to improve the effectiveness of vishing
attacks in 2024. To respond to improved social engineering attacks, zero trust will become a normal part
of corporate cyber security policies.
Experts are also predicting that AI-powered tools could be used to address the ongoing workforce
shortage in the cybersecurity space. AI-powered automation could manage security tasks that involve
analysis of large data sets, such as scanning files for signs of malware or monitoring network activity to
Cyber Defense eMagazine – February 2024 Edition 80
Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.