Skip Navigation
BlackBerry Blog

Informed Predictions: 5 Cyberthreat Trends to Watch Now

What kind of cyberthreat trends can organizations expect to encounter during the remaining months of 2024? Threat researchers at BlackBerry recently shared their predictions in the latest version of our quarterly Global Threat Intelligence Report.  

The report explores past and current cyber incident data to identify trends, patterns and relationships that can help organizations navigate the present threat landscape. According to our internal telemetry, BlackBerry® cybersecurity solutions stopped more than 5.2 million cyberattacks across all industry sectors during the four-month reporting period covered by our latest report. Analyzing this data, along with insights from our managed detection and response (MDR) team, helped our researchers uncover the “who,” “what,” and “where” of attacks — and pinpoint new and existing vulnerabilities threat actors are actively exploiting.

The report also makes predictions to help security decision makers stay ahead of adaptive adversaries and anticipate future tactics that data may not fully reveal yet. Here at BlackBerry, we believe that going beyond available data to make informed hypotheses about potential developments is a key part of an effective cyberdefense strategy. With that in mind, let’s take a moment to look toward the future.

Five Top Cyberthreat Trends for 2024

Here are five cyberthreat trends to watch for this year, according to the BlackBerry Global Threat Intelligence Report, published in March 2024.

Prediction #1: Expect an expanded use of deepfake technology during upcoming elections, worldwide.  

“2024 is a significant year on the political landscape, with 50-plus national elections scheduled in various countries across the globe.  Election periods are often rife with misinformation and disinformation campaigns and this year will almost certainly bring an avalanche of both.  

We predict that at the forefront of this will be the abuse of deepfake technology by bad actors. Deepfake technology powered by LLMs allow malicious actors to create highly realistic, yet fake, intentionally misleading media in the form of photographs, audio, or multimedia. These can range from falsified or doctored speeches to manipulated video or audio snippets of well-known political figures. This deepfake content will be strategically propagated through various social media channels and messaging apps.” 

Prediction #2: VPN appliances will remain highly attractive targets for nation-state threat actors.

“Internet-facing systems including VPN appliances will continue to be the perfect target for threat actors from malicious nation-states, for several reasons. Appliances placed on critical sections of a network may not have traditional security software such as antivirus or EDR agents available, making detection of a breach very difficult, especially when zero-day attacks are used.  Additionally, VPN appliance compromises are usually not detected until a threat actor is inside a network, making it difficult to eradicate the threat.  The targeting of VPN appliances will remain a highly effective choice for nation-state threat actors to gain access to target networks until there is a more effective option with much better returns.” 
Related: Emergency Directive Reveals It’s Time to Replace VPNs

Prediction #3: Brazilian criminal groups will shift their attention to phishing and PIX related fraud.  

"As sometimes happens with the most prolific worldwide cybercriminal groups, we believe Brazilian cybercrime groups will change their tactics to focus more on the creation of phishing websites to lure victims to make payment transfers via PIX, an instant and free payment method. This has already started during automobile tax season, when criminals abused SEO engines to show fraudulent phishing pages which included valid vehicle and owner data that (theoretically) only the government should have access to. With data leaks becoming more common, such activity is likely to continue.”

Prediction #4: Expect another increase in supply chain attacks. 

“We predict a rise in supply chain attacks as 2024 progresses. This is because supply chain networks are incredibly complex, and the wider impact of these breaches would make them a desired attack vector for threat actors. The attacks may be against supply chain software or hardware such as appliances and routers. Businesses need to be aware of the security posture of their supply chain partners and should have detection and mitigation plans in place to handle such attacks.”

Prediction #5: Threat actors will increase their attacks against the Asia–Pacific (APAC) region.  

“We anticipate an increase in attacks from North Korea-sponsored groups in the U.S., South Korea, and Japan. As Western-aligned countries continue to partner to tackle cyberthreats sponsored by the two most active actors in the region – China and North Korea – it is likely we will see more financially-motivated attacks, which North Korea uses to evade sanctions, and an increase in traditional cyber espionage activities. Japan’s National Security Advisor Takeo Akiba said North Korea's “illicit cyber activities” continue to be “a source of funds” for the state’s nuclear missile development. North Korea has previously denied allegations of hacking or other cyberattacks.” 

What Current Cyberthreat Data Reveals

Moving beyond predictions, the current BlackBerry Global Threat Intelligence Report uncovered a significant increase in cyberattacks and an even bigger surge in attacks utilizing unique malware, as opposed to commodity or “off-the-shelf" malware. It also breaks down attacks by country and industry and uncovers the top 20 MITRE ATT&CK® techniques used by threat groups, and more.

Read and download the complete BlackBerry Global Threat Intelligence Report.

Register today for the webinar: Global Threat Intelligence Report Deep Dive: March 2024 Edition.

The goal of the BlackBerry Global Threat Intelligence Report is to provide insightful cybersecurity data as well as contextual cyber threat intelligence (CTI) that can help your organization defend itself. Modern cyberdefense requires a mix of data driven analysis combined with informed predictions about the future.

For similar articles and news delivered straight to your inbox, subscribe to the BlackBerry Blog.
Bruce Sussman

About Bruce Sussman

Bruce Sussman is Senior Managing Editor at BlackBerry.