Disruptive and destructive global cyberattacks this year will tally 211 by the end of 2024, more than double the 103 in 2020, predicts a new report by QBE Canada.
That’s an increase of nearly 105% in just four years. And it’s not going to get any better.
“As technology interdependencies grow, we expect more cyber incidents to disrupt many companies in a single attack, meaning businesses are more likely to experience a disruptive cyber event,” the report reads.
Drivers of these growing cyber threat incidents include geopolitics, ransomware, third party threats and technology advancements.
To start, state-linked cyber actors have become more intent on disrupting critical national infrastructure, oftentimes through ransomware. A few sectors are common victims. Experts have reported an increase of geopolitically-motivated attacks in the last three or so years.
“Such attacks can be driven by geopolitical events like the ongoing Israel-Hamas or Ukraine-Russia conflicts, manifesting as state-directed cybercriminal or activist attacks against entities in strategic sectors outside the theatre of conflict,” the report reads. “Energy sector organisations are highly attractive targets for spillover cyber-attacks, which can destabilise financial markets and governments.”
Some threat actor states have several personas meant to conceal their identities, so they can “shield themselves from attribution or diplomatic penalties,” QBE Canada says.
Deniable state-aligned incidents surpassed 80 in 2024, while state-sponsored incidents reach nearly 120 globally. That’s a significant increase from 2021, when fewer than 60 deniable state-aligned incidents were reported and 100 state-sponsored incidents, respectively.
Ransomware attacks are increasing, and that’s contributing to the total global cyber attacks. Ransomware attacks in 2023 increased 74% from 2022, and total ransom payments made by victims exceeded US$1 billion globally.
And this trend isn’t slowing anytime soon, QBE reports. Total global ransomware events in 2024 are expected to reach 4,800 by the end of this year. And this is expected to climb to 5,200 in 2025’s forecast.
Companies are also vulnerable to cyber threats in their supply chain, products, or partnerships.
Consider how third-party incidents made up 22% of all cyber security breaches in 2023—an increase from 10.9% in 2020.
“To manage this third-party risk, which is difficult to mitigate, organisations must adopt best practices internally to strengthen their resilience from external breaches and follow-up targeting after major incidents, while also considering the risk posture, mitigation strategies and insurance policies of their third-party IT providers,” QBE writes.
Canada’s financial solvency regulator, the Office of the Superintendent of Financial Institutions (OSFI), explicitly references third-party cyber risk in its guidelines for federally-regulated financial institutions such as banks and insurance companies.
Threat actors are also increasingly capitalizing on new tech advancements to enact their cybercrimes.
Cloud services are increasingly an attack vector for threat actors, QBE Canada’s report says. “State-linked actors and sophisticated cybercriminals have also moved to the cloud themselves, exfiltrating data to their own cloud storage.”
Cybercriminals are using artificial intelligence (AI) to enhance their attacks; not just to help writing better phishing emails, but also to write code for malware.
“As AI becomes more readily accessible and large language models (LLMs) proliferate, lower-capability threat actors like cybercriminals and cyber activists will be able to launch larger attacks more quickly,” the report reads.
Thus, companies are encouraged to get ahead of these threats through the remainder of 2024 and into 2025, by speaking to their brokers or insurers, updating their incident response plans, and identifying any weaknesses in their current tech stack or supply chain.
Feature image by iStock.com/andresr