Cyber Crime & ForensicDevice & IoTIdentity & AccessPress Release

Trellix Foresees Increased Complexity in Ransomware by 2024

Photo of CSA Editorial CSA Editorial Send an email November 23, 2023
3 minutes read

Trellix, the cybersecurity company delivering the future of extended detection and response (XDR), has released its annual threat predictions report for 2024. Forecasts from the Trellix Advanced Research Centre anticipate increasing complexity in ransomware in Singapore, as even now there is one case reported every three days. In addition, nation-states persist in using cyberattacks for political and territorial purposes in regions like Ukraine, Taiwan, and Israel.

“The cyber landscape today is more complex than ever before. Cybercriminals from ransomware families to nation-state actors are getting smarter, quicker, and more coordinated in retooling their tactics to follow new schemes — and we don’t anticipate that changing in 2024,” said John Fokker, Head of Threat Intelligence, Trellix Advanced Research Center. “In order to break away from escalating attacks and start outsmarting and outmanoeuvring threat actors, all industries need to embrace a cyber strategy that is constantly vigilant, actionably comprehensible, and adaptable to new threats. That is how we can ensure a one-step lead over cybercriminals in the coming year.”

Cybersecurity experts and threat researchers from the Trellix Advanced Research Centre team have compiled some predictions for trends, tactics, and threats that organizations should keep top of mind as we approach 2024.

Below are some key forecasts for the region in the coming year:

AI-Generated Voice Scams for Social Engineering
The rise of scams involving AI-generated voices is a concerning trend that is set to grow in the coming year, posing significant risks to individuals and organizations in Singapore. At the Regional Anti-Scam Conference 2023 earlier this year, Minister of State for Home Affairs Sun Xueling, warned that scammers can use deepfake technology to clone authority figures and dupe people into transferring money.

Recent advancements in artificial intelligence have greatly improved the quality of AI-generated voices, making it increasingly difficult to differentiate between real and fake voices. Scammers can thus leverage AI-generated voices to automate and amplify their fraudulent activities, targeting numerous potential victims simultaneously with personalized voice messages or calls. Additionally, these scams are not limited by language barriers, allowing scammers to target victims across diverse geographic regions and linguistic backgrounds.

Even More Layers of Ransomware Extortion
Ransomware groups are starting to contact the clients of their victims as a new way to apply pressure and combat recent ransomware mitigations. This allows them to ransom the stolen data not only with the direct victim of their attack, but also any clients of the victim who may be impacted by the stolen data. As this additional form of extortion grows in popularity, ransomware groups may increasingly look to target entities that handle not only sensitive personal information, but intimate details that can be used to extort clients. It would not be surprising for the healthcare, social media, education, and SaaS industries to come further under fire in 2024 from these groups.

Unmasking The Silent Surge in Insider Threats
Insider threats have increased over the past few years and have posed a multifaceted risk that affects both public and private organizations globally. This threat undermines the confidentiality and integrity of the organization while aiding adversaries in gathering intelligence, carrying out sabotage operations, and using subterfuge methods to achieve their nefarious objectives. As insider threats continue to grow with the proliferation of connected devices and hybrid and remote workforces, it is essential for organizations to identify, evaluate, detect, and manage these insider threats in today’s threat landscape to retain stakeholder confidence.

The Growing Battle of the (QR) Codes
As our daily lives become increasingly reliant on digital interactions, attackers are adapting their tactics to exploit new vulnerabilities, and QR codes have become an enticing tool for them to use as an attack vector. One of the primary reasons behind the expected rise of QR code-based phishing campaigns is their inherent trustworthiness, which can be exploited by cybercriminals who embed malicious links or redirect victims to fake websites.

Notably, in Singapore, a woman lost S$20,000 when she scanned a QR code at a bubble tea shop to complete an online “survey”. To combat the growing threat of QR code-focused phishing, users must exercise caution when scanning codes, especially from unknown or suspicious sources.

For the full list of 2024 predictions by the Trellix Advanced Research Centre, you can visit our blog here.

Tags
Photo of CSA Editorial CSA Editorial Send an email November 23, 2023
3 minutes read
Photo of CSA Editorial

CSA Editorial

Launched in Jan 2018, in partnership with Cyber Security Malaysia (an agency under MOSTI). CSA is a news and content platform focusing on key issues in cybersecurity in the region. CSA is targeted to serve the needs of cybersecurity professionals, IT professionals, Risk professionals and C-Levels who have an obligation to understand the impact of cyber threats.

Related Articles

Financial Phishing

Financial Phishing Continues to Be Menace to SEA Companies—Kaspersky

November 28, 2024
Keeper Security

Williams Racing Chooses Keeper Security to Safeguard Data in Formula 1’s High-Stakes, Data-Driven World

November 28, 2024
Trend Micro

Trend Micro Safeguards Cloud Data of Healthcare AI Innovation Leader

November 27, 2024
ThreatLabz

ThreatLabz Report: Singapore Is Second Most Targeted APJ Nation for Mobile Malware Attacks in 2024

November 27, 2024

Leave a Reply

Your email address will not be published. Required fields are marked *

(c) Asia Online Publishing Group 2024 - Media and PR enquiries - editor@aopg.net