Cybersecurity

Intelligence forecast sees ransomware, third-party vendors as major 2024 threats

ZeroFox predicts that attackers will increase their use of initial access brokers, or IABs, to hack into systems.
article cover

Francis Scialabba

· less than 3 min read

Top insights for IT pros

From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.

A new intelligence risk forecast from cybersecurity firm ZeroFox predicts that 2024 will be more of the same for ransomware and AI—and that threat actors are likely to focus on third party vendors as access points for attacks.

The company’s 2024 Key Forecasts report, released Nov. 7, details the main security threats facing IT teams and defenders. Ransomware is projected as “very likely” to continue to be the main threat to organizations going forward.

As IT Brew has reported, attacks are getting faster and more sophisticated, with some malicious code deployed in as quickly as five hours. ZeroFox predicts that attackers will increase their use of initial access brokers, or IABs, as their conduit into systems.

Danger zone. IABs are targeting third-party vendors “due to the potentially weaker security postures of third parties hired by larger organizations, and the elevated privileges and accesses that come with being integrated into the larger entity,” according to the report. Then, hackers buy the information—and those interactions are increasingly taking place outside traditional dark web forums, “via private chat,” as the ZeroFox intelligence team told IT Brew in an email.

“The vast majority of access deals likely take place off-forum, as observed from researchers that are directly engaged with access brokers on covert channels,” ZeroFox warns. “Moreover, the cost of said accesses, when securing them off-forum, are significantly lower, meaning frequent buyers of accesses can arrange discounts and even be alerted in advance to upcoming accesses that will be listed for sale.”

Voter beware. ZeroFox expects attackers to continue to target critical infrastructure and, given the importance of the US elections in the next year, could deploy “scams, disruptive threats, and the spread of disinformation” to influence outcomes.

“Both malicious and non-malicious actors will likely increase their use of generative AI and synthetic media to create more effective and persuasive content during elections in 2024, exacerbating the threat posed by mis- and disinformation,” the report says.

Top insights for IT pros

From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.