According to the Cybersecurity and Infrastructure Security Agency (CISA), cyberattacks cost the US economy $242 billion annually. Fortunately, just as cybercriminals are evolving with new techniques and strategies, so are the security and information technology professionals responsible for stopping them. With 2023 in the rearview mirror, it's time to look forward at some of the new security technologies and measures that can help protect your industrial networks and explore the cybersecurity trends that we anticipate will shape the year that lies ahead.

1. Machine Learning-Powered Malware Detection

Network security professionals are turning to Machine Learning (ML) to improve detection and classification of malware. ML programs can learn behavioral patterns shared by different malware types by analyzing millions of representative malware samples, combined with input from humans, or the program's own queries. Updates and frequent retraining will enrich the ML model to detect malware code despite the threat detection bad actors releasing new versions of malware files. Besides detection of malware, ML can identify threats to the operations of an industrial network by uncovering suspicious user behavior inside and outside the organization.

2. Quantum-resistant Encryption Algorithms

Data scientists fear that a powerful quantum computer may soon be able to breach the encryption algorithms that protect and authenticate digital information. Data today is kept private thanks to cryptographic techniques managed by the National Institute of Standards and Technology (NIST). A modern computer would need trillions of years to use the power and brute force to break just one set of NIST encryption keys, yet according to Shor’s Algorithm, a quantum computer could do it in just days, therefore making all the world’s data vulnerable to cyberattacks. This year, the NIST is on schedule to standardize four quantum-resistant encryption algorithms, a process that will involve the NIST creating guidelines to ensure that the new algorithms are used correctly.

3. Spikes in Ransomware Attacks

Financially motivated ransomware attacks were up 95 percent in 2023, year over year. In 2024 we expect to see a similar spike in both the frequency and the sophistication of ransomware attacks on industrial networks. Aided by AI, hackers are increasingly using social engineering, phishing, and zero-day vulnerability to identify system weaknesses to exploit. Reflecting the brazenness of hackers is so-called “RaaS” or Ransomware-as-a-Service. Hidden in the shadowy crevices of the Dark Web, RaaS is malicious software that lets the technologically unsavvy hold computers and industrial networks ransom, a move that will certainly increase the occurrence of attacks and the potential number of attackers in 2024. Escalating ransomware attacks will heighten the need for better cyber hygiene.

This goes beyond encouraging employees to not open email attachments. All employees need to regularly backup data files. Operating systems and software must be kept up to date with the latest security patches. Installing antivirus software and firewalls will help protect vulnerable network applications, endpoints and servers, while segmenting networks will prevent ransomware from spreading across the enterprise. Remember, something as simple as an open, unprotected port on an industrial managed switch can be an invitation to a ransomware attack.

4. Ramping up IIoT Device Security

This is the year where we’ll see industrial device security come to the forefront, especially with industrial switches and sensors. Industrial networks contain sensitive data that make them an inviting target for hackers seeking proprietary intellectual property. SCADA, PLCs, Industrial Control Systems and Distributed Control Systems are being hardened and networks segmented as part of creating a defensible environment. Yet a sophisticated hacker can still find entry into an industrial network via a vast number of interconnected devices, from a remote sensor to a local industrial Ethernet switch. Each endpoint creates a potential opportunity for criminals to access private information or, worse, the main network. Configuring endpoint devices securely calls for identifying and monitoring access, setting up devices to submit logs and alarms to a centralized security monitoring system, requiring authorized devices and services to go through verification before deployment, and increasing confidentiality by encrypting configuration data. Implementing multi-factor authentication is another critical step in device cybersecurity, as is creating password policies that prioritize length over complexity.

Antaira's LRX-0200-T industrial router provides VPN support, firewall protection, and data encryption to ensure the security of data transmitted over the network. Adding the LRX-0200-T industrial router is an important component for many industrial automation systems, providing reliable and secure connectivity that is critical to the operation of these systems.

5. Zero Trust Framework Adoption

Zero Trust (ZT) architecture assumes that no user, device, computer system, or service inside or outside the organization should be trusted to gain unauthorized access until verified. In 2024, we expect to see more industrial networks embracing ZT as a proactive way to reduce vulnerabilities in increasingly complex hybrid environments. Also playing a role in ZT’s rapid adoption will be more stringent regulatory compliance demands and the diminishing effectiveness of “moat and gate” perimeter security. Based on NIST 800-207 guidelines, ZT begins with the idea that everything on the network is hostile or already breached. Access is only allowed after user identification, device health, data classification, and service or workload have been confirmed. Next, ZT will assign a degree of risk to the connection request after inspecting it for threats or anomalies. Once a risk score is assigned, the network decides whether to deny the request or grant full access or Just-Enough Access (JEA). Network micro-segmentation and least privileged access practices are applied to minimize the blast radius of any potential breach.

6. Regulatory Changes

Cybersecurity regulations are continually evolving to keep pace with the changing threat landscape. With privacy and data protection at the industry forefront, 2024 may see new or updated regulations that impose stricter compliance requirements on private sector organizations. For instance, the Cybersecurity and Infrastructure Security Agency (CISA) is expected to publish a notice of proposed rulemaking by March 15, 2024, in accordance with the Cyber Incident Reporting for Critical Infrastructure Act of 2022 ("CIRCIA"). This notice will propose reporting requirements for critical infrastructure entities for specific types of cybersecurity incidents and ransomware payments. Antaira will be closely monitoring this development to determine its impact on industrial networks.

7. Security Awareness and Training

With most security breaches resulting from human error, cybersecurity training and awareness programs will remain critical in 2024. Organizations will invest more in educating their employees to recognize and respond to threats effectively. Whereas topics such as email passwords, phishing attacks, and social media use were previously major focuses, cybersecurity training has broadened to take on new vulnerabilities in work-from-home safety, cloud security, mobile device use, and the dangers of public Wi-Fi. Regular training will help keep cybersecurity top-of-mind for all employees.

Conclusion on Cybersecurity in 2024

As the digital landscape evolves, so do the tactics and strategies employed by cybercriminals and malicious actors. It's crucial for those involved with industrial networks to stay informed about the latest cybersecurity trends to protect their data and assets effectively. By adopting Zero Trust practices, improving device security, adhering to regulatory changes, and enhancing security awareness and communication amongst employees, you can bolster defenses and stay one step ahead of cyber threats in the year to come. Contact Antaira today to learn how industrial networking equipment can help protect your industrial networks by giving us a call at (714) 671-9000. Antaira industrial Ethernet switches and industrial routers are ideal for combating cybersecurity threats and cyber attacks within industrial networks.