Today zero-trust, zero-knowledge and password pros at Keeper Security have released the findings of their 2024 Keeper Security Insight Report, The Future of Defence: IT Leaders Brace for Unprecedented Cyber Threats. The report found that emerging attack vectors were presenting significant risk, with business leaders feeling a lack of confidence in their ability to defeat threats from these new attack vectors. The survey was conducted with over 800 IT and security leaders globally.
The report found that 92% of respondents have seen an increase in cyberattacks year-over-year. Additionally, the research showed that, as cyberattacks become more frequent, 95% of leaders say that threats have also become more sophisticated than ever. Worringly, leaders are underprepared for this new frontier of novel adversities.
Additionally, survey respondents cited AI-powered attacks as the most serious emerging attack vector and the most challenging to handle. Evidently, cybercriminals are becoming increasingly more sophisticated, breaking historically secure solutions and inflicting damage on vulnerable organisations across every sector. Among the other top emerging threat vectors were deepfake technology (36%), supply chain attacks (36%), cloud jacking (35%), Internet of Things Attacks (34%), 5G networks exploits (34%), fileless attacks (24%).
IT leaders report they are ill-equipped to defeat those emerging techniques, lacking defence for:
- AI-powered attacks – 35%
- Deepfake technology – 30%
- 5G network exploits – 29%
- Cloud jacking – 25%
- Fileless attacks – 23%
Keeper Security also found that nearly three quarters (73%) of IT leaders surveyed reported experiencing a cyberattack that resulted in monetary loss. Direct financial impact is one of many consequences of a successful cyber attack, along with business disruption, enduring revenue loss, customer and partner attrition and tarnished reputation.
Darren Guccione, CEO and Co-founder, Keeper Security said: “Malicious actors are wreaking havoc on vulnerable organisations in novel ways, leveraging emerging technology to execute devastating cyber attacks. Fighting evolving threats requires constant adaptation, underscoring the need for a proactive approach to cybersecurity – one that combines advanced defence mechanisms and basic best practices to identify evolving threats and defeat a cyberattack.”
IT leaders are stretched thin as they combat today’s most common threat vectors alongside emerging threats. The survey found that phishing (61%), malware (59%), ransomware (49%), and password attacks (38%) are the most common types of attacks directly impacting organisations.
The explosion in AI tools has intensified problems like phishing attacks by increasing the believability of scams and enabling cybercriminals to deploy them at scale. Over 1 in 8 respondents said that phishing and smishing have become more difficult to detect with the rise in popularity of AI-powered tools, and revealed that AI-powered phishing is their top concern (42%) when it comes to AI security. In addition to phishing, malicious actors weaponise AI to speed up and scale other common attack techniques, such as password cracking.
Among the multitude of cyber attacks increasing in frequency, survey respondents cite:
- Phishing – 51%
- Malware – 49%
- Ransomware – 44%
- Password attacks – 31%
Stolen or weak passwords and credentials remain a leading cause of breaches. Fifty-two percent of survey respondents shared that their company’s IT team struggles with frequently stolen passwords, underscoring the importance of creating and safely storing strong, unique passwords for every account.
The findings of this survey highlight that cybercriminals are becoming increasingly sophisticated, breaking historically secure solutions and inflicting damage on vulnerable organisations across every sector. As a result, cybersecurity (and proactive, preventative measures) is more critical now than ever before.