
3 cybersecurity trends & tips for companies and employees in 2024

  • December 21, 2023

2024 is likely to be the year in which cybercriminals will step up their game again. New dangers, which I have been following closely for some time, will fully develop and reach new heights in the coming period.

Today I would like to highlight three of them and look at their recent developments and their impact on our companies and employees. Don’t worry: I’ll also give you some tips on how you can best protect yourself from these new trends in cybercrime.

1. Purchase a ransomware license

Ransomware-as-a-Service (RaaS) is certainly not new. However, it is a sector that is constantly evolving. It has long been possible for a novice criminal to purchase a ready-made ransomware package, but today this has moved to a model that receives updates and stays current throughout the year.

Criminals no longer buy the software, but rather a license – just like with an Office package. The developers of this software, often organized gangs, receive a share of the pie for each successful transaction; this is often a proportion of 30%. In return, the licensee receives regular updates and comprehensive support throughout the entire ransomware process. Is a victim’s payment unsuccessful? He or she can then receive support from the “professional” provider.

This makes ransomware less likely to be neutralized, as even novice hackers can continue to easily exploit new vulnerabilities with the support of a network of professionals. While it used to be enough to perform daily updates to fix vulnerabilities, today it is possible that you will remain vulnerable even after that, as hackers are automatically provided with new ways to access your system.

My tip: think in layers

There is no magic solution that will secure your network or devices. While you once felt safe with a good antivirus program or firewall, today it’s impossible to secure your entire digital environment with just the push of a button. It is therefore important to use the right combination of applications, solutions and methods.

Does that sound like a big investment? It can be much cheaper than having to pay a large ransom for your data or losing several weeks or months of time restoring backups. Additionally, there is certainly no need to throw away your entire current setup. There’s a good chance that you already have a comprehensive safety net of solutions in place, but it’s just as likely that there are still some big gaps in that net. Therefore, let an expert help you search for blind spots in your security and suggest an addition that makes maximum use of your existing IT infrastructure.

2. Triple ransomware extortion

As if falling victim to a ransomware attack wasn’t bad enough, criminals manage to stick the knife even deeper year after year. In the classic case, your data is encrypted and you pay a ransom to regain access to it. Some time later, a second layer was added: the threat that hackers had also stolen your data and would reveal it online if you didn’t pay. This way, your problem was exposed and your customers (and competitors) could see what data was available.

Today, a third level is added: anyone who doesn’t pay is exposed to a DDoS (Distributed Denial of Service) attack across the entire network. While a ransomware attack is a challenge in itself (after all, you’re focused on restoring your data, whether via backups or not), you also have to worry about your network or website going completely down, causing even more unavailability, unemployment, loss of money and damage to reputation.

My tip: set up a strict incident response script and stick with it

Recent research from Proximus shows that 43% of Belgian companies have not yet created a cyber incident scenario or are still working on one. In other words, almost half of our companies don’t know what to do when a disaster strikes. The same research shows that 33% of all Belgian companies experienced a cyber incident last year.

As cybercriminal approaches become more sophisticated, thorough preparation is more important than ever. If you take every possible measure to protect yourself or your business from a possible hack, but don’t take precautions in case something goes wrong, all your efforts will be in vain. With an incident response script, you can act immediately without losing valuable time. Everyone knows their role and what measures need to be taken to prevent something worse from happening. Such a plan can prevent significant reputational damage and save you not only repair costs, but also possible General Data Protection Regulation (GDPR) fines due to stolen customer data. It is key to effective response and recovery in the event of a cyber incident.

3. The AI hype also reaches hackers

ChatGPT recently blew out its first candle. The tool has been highly praised by copywriters, marketers, teachers and their students, self-employed people, and almost anyone who occasionally has trouble with written media (including code). Of course, it wasn’t long before cybercriminals started using it too. ChatGPT proved extremely useful for making existing malware more efficient or simply writing new malicious code. The parent company OpenAI also builds other fun toys for “generative AI”: Dall-E, for example, produces images on request. Are you looking for a specific theme in a familiar style? Nothing is too crazy.

This makes it easier and easier to create false images and misleading texts, and even unique voices become easier to imitate. On the regulatory side, the first-ever “AI law” was recently (finally) passed by the EU, but it remains to be seen how and especially how strictly it will be applied. However, what happens on the dark web stays on the dark web, so it also remains to be seen whether or how the AI law will harm cybercriminals.

My tip: education and training

The rise of AI is making it easier for criminals to create victims. Conversely, AI also makes it harder for end users to distinguish malicious messages and files from legitimate variants. More than ever, it’s important that we can see the little details that give fraud away. Searching for spelling errors is no longer useful. The real benefit lies in the sender email addresses, the URLs under the hyperlinks, etc., and of course in the knowledge that if an offer is too good to be true, it probably is.

The only way to help people in an increasingly complex and dangerous digital world is to continually educate them. Educational campaigns should reach them all year round and, if possible, without obligation. Despite the fact that anyone can fall into the trap, I still hear every day that “it won’t happen to me”. Daily training is just as essential as a well-filled coffee machine at work.

Furthermore, thorough educational work is mandatory under the upcoming NIS2 regulations. This obliges organizations in essential industries to take the necessary security measures and provide training for (management) employees. Since suppliers also come into play in this regulation, the spectrum for this obligation immediately becomes very wide – perhaps also for your organization.

A time of evolution

The beginning of the new year is the ideal opportunity to prepare as a company and employees for the dangers of the future. It is extremely important to take the time to analyze the past year and learn the necessary lessons from it. Where is there room for improvement? Are all necessary security processes in place? Is there a clear recovery plan? If you are completely satisfied with your preparation, it certainly can’t hurt to put it to the test with, for example, a pentest (penetration test). In this way, you will experience a healthy, safe and more or less calm year 2024.

This is a post by Geert Baudewijns, CEO and founder of Secutec.

Source: IT Daily
