Truesec releases its annual Threat Intelligence Report today, providing insights into the evolving threat landscape. Cybercrime continues to surge, as the number of attempted attacks against Swedish businesses and organizations has doubled since the spring of 2022. Attacks target entities of all sizes, especially small and medium-sized enterprises, which are more vulnerable, and the risks associated with AI loom ominously.
In its 2024 Threat Intelligence Report, Truesec highlights that threat actors are increasingly engaging in opportunistic attack attempts, with many small and medium-sized enterprises falling victim over the past year. Despite larger companies and organizations remaining primary targets for cybercriminal groups, Truesec observes that attacks against smaller companies are more likely to succeed. While larger companies have bolstered their cyber defense measures, becoming more difficult to breach, small and medium-sized enterprises face heightened risks of cyber attacks due to their lack of resources to secure their IT environments and detect attacks early.
In the report, Truesec describes a general increase in cyber attacks across all industries, with an increase of 221% compared to 2022. Despite this, a positive trend reversal was noted. For instance, Nordic banks have experienced significantly fewer successful cyber attacks than other industries during 2023.
The most notable change in behavior among threat actors is an increase in automation and a shift toward mass exploitation of vulnerabilities. Truesec notes that AI-powered chatbots, specifically designed to assist cybercriminals, are expected to escalate the frequency of phishing attacks. Future developments in vulnerability exploitation within IT environments and malware creation bring new risks. Even though it’s still too early to predict precisely how this will impact Swedish organizations, the trend suggests that cybercrime will likely escalate as more threat actors learn to adapt and utilize AI tools against organizations.
"We anticipate an increase in attempted attacks throughout the year. Therefore, it’s crucial for organizations of all sizes to strengthen their cybersecurity. A robust cyber defense is of utmost importance for our society as a whole, particularly concerning actors with critical societal functions, as well as those included in the supply chain serving such functions," said Marcus Murray, Founder and Security Expert at Truesec.
Key challenges that organizations must address in 2024 include:
Automation and AI will lead to an increase in attempted attacks and increasingly become tools utilized by cybercriminals.
Cybercrime will grow as a business, and threat actors will become more efficient.
New laws and regulations will require greater legal accountability from companies.
Protecting digital assets after threat actors have succeeded in a data breach.
Other insights in the report:
Forty percent of cyber attacks handled by Truesec's Incident Response team exploited vulnerabilities to gain access.
Supply chain attacks are increasing; threat actors are targeting suppliers to gain access to organizations' IT environments.
Cyber espionage, particularly from groups affiliated with China, poses a risk to Sweden’s competitiveness. The cases Truesec has worked on include everything from espionage against rivals for strategic resources to theft of intellectual property.
BEC attacks, a type of fraud where a cybercriminal poses as a high-ranking individual within the organization to redirect payments, continue to rise.
About the Threat Intelligence Report
Truesec's annual report on the cyber threat landscape is developed by the company's experts, who have dealt with the majority of intrusions against Swedish businesses and organizations. To gather insights into cyber threats and data breaches during 2023, all handled data breaches have been analyzed to determine how they could have been prevented and their effects minimized.
Truesec is a global cybersecurity company with a clear mission: To promote a safer society by preventing cybercrime and minimizing its consequences. Since 2005, Truesec has prevented data breaches and currently collaborates with organizations worldwide. Truesec comprises more than 300 cybersecurity specialists and has offices in Sweden, Denmark, Finland, and Germany.
Truesec's offerings cover all areas of cybersecurity. Learn more at Truesec.com.