March 26, 2024 By Josh Nadeau 4 min read

As we work through the first quarter of 2024, various sectors are continuously adapting to increasingly complex cybersecurity threats. Sectors like healthcare, finance, energy and transportation are all regularly widening their digital infrastructure, resulting in larger attack surfaces and greater risk exposure.

Kaspersky just released their ICS CERT Predictions for this year, outlining the key cybersecurity challenges industrial enterprises will face in the year ahead. The forecasts emphasize the persistent nature of ransomware threats, the increasing prevalence of cosmopolitical hacktivism, insights about offensive cybersecurity and new logistics and transportation risks.

Below, we’ll unpack the key takeaways from this annual Kaspersky report and provide actionable insights on how organizations should start preparing for the year ahead.

Ransomware will remain the top concern for industrial businesses

Last year, ransomware attacks solidified their status as the largest information security threat. These attacks don’t just disrupt digital systems; they can also lead to significant real-world consequences.

Official statements from affected organizations revealed that 18% of ransomware attacks on industrial businesses led to a halt in the production or delivery of various products, including medical devices, power grids and transportation systems. The financial fallout from these attacks was substantial, with damage estimates reaching hundreds of millions of dollars in some cases.

Ransomware attacks will lead to severe economic and social consequences

There is now a worrying trend of cyber attackers preferring larger, “upmarket” victims because of their capability to pay substantial ransoms. This situation sets a dangerous precedent, considering that the majority of these organizations play a critical role in the global economy and infrastructure.

For example, a recent attack on DP World, the Dubai-based international container terminal and supply chain operator, completely stopped work at ports in Melbourne, Sydney, Brisbane and Fremantle. This incident blocked the delivery of approximately 30,000 containers and led to a major ripple effect in the global supply chain.

There will be new types of targets and new schemes for monetizing attacks

While potential ransomware victims are unlikely to become fully immune to attacks, they’re still regularly adopting new strategies to mitigate their impact more efficiently. However, if these measures result in victims paying less money less frequently, cyber criminals will more than likely innovate their approach and find new targets and methods for monetizing attacks.

One potential avenue for attackers is logistics and transportation. With many of the vehicles in corporate fleets using telemetry, remote diagnostics and other connected technologies, attackers may be able to infiltrate and control these systems by exploiting vulnerabilities in supply chain management software. This could potentially result in major disruptions to transportation networks and cause significant economic damage.

Increase in politically motivated hacktivism

Recent trends are indicating a surge in politically motivated hacktivism, with the FBI warning about increased Distributed Denial of Service (DDoS) attacks. 2022 saw a resurgence of hacktivism on a large scale, particularly in light of geopolitical conflicts such as Russia’s invasion of Ukraine.

However, hacktivism isn’t something new and has been more prevalent in recent years with no signs of slowing. The 2021 attacks on railways and gas stations in Iran claimed by a pro-Israeli hacktivist group and more recent attacks on irrigation systems in Israel and Unitronics Vision hybrid controllers in Vietnam are just some examples of politically motivated cyberattacks.

As political tensions escalate, the threat level posed by politically motivated hacktivism could rise much higher, affecting a wider range of industries and businesses.

Widespread use of offensive cybersecurity

As new threats emerge, organizations are turning to more proactive methods of protecting their systems and data, including strict access controls and data encryption. This also includes techniques such as penetration testing, bug bounties and red teaming exercises; in other words, offensive cybersecurity.

Offensive cybersecurity involves actively seeking out vulnerabilities and weaknesses before they can be exploited by attackers. It gives users signs of potential compromise directly from attacker-controlled networks, the dark web and other sources. By adopting offensive cybersecurity practices, organizations can stay one step ahead of threat actors.

However, the widespread use of offensive cybersecurity also has potential downsides. As it becomes the new norm, the development of offensive cyber intelligence may blur the line between legal and illegal activities. If not regulated properly, offensive cybersecurity could lead to a “cyber arms race” where organizations and governments continuously try to outdo each other in terms of cyber capabilities.

Rapid automation and digitization of logistics and transport may lead to larger security issues

As the logistics and transportation industry rapidly adopts automation and digitization, security is a growing concern. Expanding digital attack surfaces could cause conventional offenses like auto theft, maritime piracy and smuggling to increase as well.

For example, modern cars might face higher risks of cyber theft since they have much more digital technology integrated into them. This also extends to cargo ships and planes. Recent incidents targeting Automated Tracking Systems in the Red Sea and the Indian Ocean, or the 2020 cyberattack on Iran’s Shahid Rajaee port terminal, highlight system vulnerabilities that need to be addressed.

What these predictions mean for organizations

As the cybersecurity landscape continues to shift, organizations must respond proactively to protect their data, operations and reputation. Here’s what these predictions mean for them.

Incorporating more effective ransomware response strategies

The increasing prevalence of ransomware attacks means organizations must be prepared. This involves not only implementing strong preventative measures but also having a comprehensive response strategy in place.

Companies should consider investing in services like threat intelligence and incident response, as well as conducting regular backups of critical data in off-premise storage facilities. Employee training is equally crucial, as many ransomware attacks stem from successful phishing attempts or social engineering that proper education could have prevented.

Prioritizing investment in cybersecurity initiatives

Improving cybersecurity efforts regularly has become a business requirement for organizations. This includes upgrading existing security systems, implementing modernized security technologies and hiring professional cybersecurity staff.

In the same light, businesses must be aware of current cyber dangers and maintain the integrity of their current security systems so they can respond effectively, year after year.

Strengthening supply chain security measures

As businesses become more interconnected, supply chain security is a major concern. Organizations should ensure that their suppliers and partners comply with strict cybersecurity requirements to prevent the exploitation of any possible vulnerabilities.

Regular audits and risk assessments help identify potential vulnerabilities and control them before attackers exploit them, while building trustworthy partnerships contributes to better supply chain security overall.

Building “offensive cybersecurity” tactics into defense strategy

Unlike traditional defensive security tactics that “react” to cyber threats, offensive cybersecurity introduces a forward-looking approach that aims to disrupt potential cyberattacks before they become a major risk.

This shift in security approach involves active engagements like threat hunting, conducting detailed vulnerability assessments and performing penetration testing to uncover weaknesses. The strategic application of artificial intelligence and machine learning technologies also helps in analyzing large datasets to spot emerging threat patterns.

Keeping up with evolving threats

Given the growing severity of cyber threats, organizational approaches to fighting them must evolve to stay ahead. By investing in your organization’s cybersecurity programs and laying the groundwork for an effective threat response, you can significantly reduce your attack surface while keeping critical operations secure.
