In 2023, cybersecurity became a huge focus for businesses. Across all sectors, cyber-attacks carried out by criminal groups have caused havoc, damage and disruption for businesses of every size.

Cybercrime has become a lucrative undertaking for these groups, with recent reports indicating that the true global cost of cybercrime could reach $10.5tn by 2025, making it the planet’s most costly crime. So, as we move into the early parts of 2024, the question is: will anything change in the next 12 months?

If you were hoping for a positive answer, the stark reality is that things will likely only get worse. Huge advancements in technology such as AI and deepfakes are making it increasingly difficult for businesses to weed out attacks and mitigate their risk.

On top of this, global relations are continuing to worsen, with wars in Europe and the Middle East giving credence to malicious cyber activity between states. And while these factors may not seem like immediate, obvious threats to UK businesses, there can be damning consequences should they not take the rising cyber threat seriously.

What are the biggest threats businesses will face in 2024?

AI adoption on both sides of the fence

AI has become one of the most exciting technological advancements of the 21^st century. It can complete tasks which would have previously taken hours in seconds, and to a high degree of accuracy, and with just a few prompts, can automate dozens of different tasks, from drafting copy, replying to emails, and even writing code.

This automation is what cybercriminals will be looking at in 2024. For the majority of criminal groups, it is all about finding the path of least resistance. This is why phishing has been the most popular attack vector in recent years. At a basic level all it requires is for attackers to send malicious links, loaded with off-the-shelf malware, to individuals and hope they click on it.

This is easy and unsophisticated, and AI will make these types of attacks even easier for cybercriminals to carry out. AI will allow cybercriminals to set up automated email campaigns to thousands of potential victims, and then export stolen or encrypted data from their network and automatically send ransom demands. The technology is lowering the bar of entry for cybercriminals.

However, it’s not just attackers who will benefit from the technology. Cybersecurity vendors from around the world are already working to integrate AI into their products. From monitoring tools and threat detection solutions to network traffic analysis systems and risk assessment programmes, new versions of each of these cyber protections are being given AI capability.

Deepfake technology being used against people

Deepfakes are a technology which involves digitally manipulated media to create fake versions of an individual’s likeness, most commonly their face or voice. Powered by AI, the technology allows malicious cyber groups to create fake images, audio or videos of a person. This presents a significant issue for today’s businesses.

Using deepfakes, a cybercriminal could send an employee at a business a voice message, copying the likeness of the company’s CEO, to ask them to send over an access code, or log in credentials, for example. The groups now often use deepfakes in conjunction with other types of attack vectors, such as phishing. Imagine an employee receives a suspicious email from your email provider asking to change their password, and then a voice or video message from your CEO comes in explaining that there was a security risk found on the system and all employees are being asked to update their passwords – many would not second guess this.

This targeting of people unfortunately accentuates an already critical problem for the security of businesses; human behaviour. A recent study by Stanford University revealed that around 88% of all data breaches are caused by human mistakes. And with the rise of deepfakes, this number is likely to rise in 2024.

State-sponsored cyber activity causing disruption to businesses

The current world climate is tumultuous. There are a number of wars happening across Europe and the Middle East impacting millions of people. These conflicts have created a sort of ‘cold cyber war’ between many states, including Russia, North Korea and Iran, who each are targeting western regions such as the United States, United Kingdom and the rest of Europe. The goal of these states is to cause disruption and damage to their enemy nations.

Due to potential repercussions of instigating a cyberwar, many of these states commission private criminal gangs to carry out these cyber-attacks. In Russia for example, cybercriminal groups were found to be working in huge office blocks, operating in plain sight and without fear of prosecution. A recent report actually found that some of these groups have HR departments and holiday allowances, as well as workplace benefits. These gangs are given refuge with the understanding that they will be asked to carry out attacks on specific targets around the world.

Although difficult to attribute back to the parent nations, these attacks have become increasingly prevalent, and in 2024 it will become a constant worry for businesses. Even though most wouldn’t seem an obvious target for cyber-attacks, if stopping a company from operating will cause disruption and confusion for large parts of a country’s population, then there is a high chance they will be a target.

The last 12 months was difficult for businesses from a cyber perspective, and 2024 is likely to become more yet more dangerous. However, if companies work to understand their risk, take proactive steps to mitigate threats, and ensure to constantly monitor and improve their cyber posture, they will give themselves the best chance to remain cyber secure.

Tom Kidwell is the Co-founder of Ecliptic Dynamics, an internet infrastructure security specialist that provides security, privacy, and data protection through its web isolation platform and virtual desktop infrastructure.