OpenText’s 2024 Threat Hunter Perspective Reveals a Growing Danger

The threat landscape continues to evolve, and cyberattacks are becoming more sophisticated, coordinated, and politically motivated. OpenText’s recently released “2024 Threat Hunter Perspective” reveals alarming trends in global cybersecurity. Among the key findings: nation-states are now collaborating with cybercrime rings to target critical infrastructure and disrupt geopolitical stability, turning global supply chains into battlefields of cyber warfare.

Collaboration Between Nation-States and Cybercrime Rings

The report highlights that collaboration between nation-states and cybercriminal groups is no longer just an emerging trend—it’s now a major part of the cybersecurity landscape. In 2024, this form of collusion has become more prominent, with Russia and China among the key players coordinating attacks through cybercrime syndicates to further their geopolitical agendas.

“Our threat intelligence and experienced threat hunting team have found that nation-states are not slowing down and, as notable events like the U.S. presidential election get closer, every organization in the global supply chain needs to be on high alert for advanced and multiple cyberattacks,” said Muhi Majzoub, executive vice president and chief product officer at OpenText. He emphasized the importance of adversarial signals and threat intelligence to help enterprises prepare for the next wave of threats.

The report underscores Russia’s coordination with groups like Killnet, Lokibot, and Ponyloader, aiming to disrupt critical infrastructure in nations supporting Ukraine. Meanwhile, China has collaborated with cybercrime groups such as Storm0558 and Red Relay to pursue its ambitions in the South China Sea, underlining a growing nexus between national interest and organized cybercrime.

Targeting Strategic Moments for Maximum Disruption

Hackers are showing a keen sense of timing, striking at pivotal moments to maximize their impact. The report indicates that nation-state actors time their attacks around major events, such as holidays or geopolitical actions like military aid announcements. Russia’s cyber campaigns, for instance, typically align with weekday schedules, with notable spikes following any adversarial diplomatic announcements.

Chinese actors take a different approach, often exfiltrating data on Friday afternoons or weekends, when such activities are less likely to draw immediate scrutiny. This strategic use of timing underscores how adversaries are evolving their tactics to evade detection and amplify disruption.

Global Supply Chains: The Unintended Target

Global supply chains are now a major target for cyberattacks, as adversaries realize they can indirectly cause widespread disruption by attacking the critical infrastructure of a nation. The report points out that cybercriminals are targeting ports, transportation networks, and other logistical operations that support military aid, thereby seeking to impair the broader geopolitical response without directly confronting stronger defenses.

This focus on supply chains poses a threat not only to large enterprises but also to small and medium-sized businesses (SMBs) that play a role in the international logistics network. SMBs can easily become collateral damage if their infrastructure is vulnerable, emphasizing the need for robust cybersecurity measures across the supply chain.

Evasion Tactics: Misdirection and Masquerading

The latest Threat Hunter Perspective reveals that cybercriminals are becoming increasingly adept at using evasion techniques to bypass defenses designed to counter direct attacks. Methods like masquerading, misdirection, and breaking data into smaller chunks during exfiltration are being used to slip through conventional detection systems unnoticed.

These evasion techniques are proving particularly effective in regions with weaker cybersecurity infrastructure, such as the Democratic Republic of Congo, Argentina, and Venezuela. This raises the risk of large-scale cyberattacks originating from unexpected locations, challenging traditional defense mechanisms.

Implications for the 2024 U.S. Presidential Election and Critical Infrastructure

As the U.S. presidential election approaches, the risk of cyberattacks increases. The report warns that both misinformation campaigns and attacks on critical infrastructure, such as power grids and hospitals, are likely to escalate as election day nears. These attacks are intended not only to disrupt but also to sow discord and influence public opinion.

Cybercriminals are also expected to exploit the chaos of election-related news to launch broader attacks. As Muhi Majzoub stated, “Enterprises need to be prepared for large-scale attacks,” making it imperative for organizations across the board to be on high alert.

AI: A Double-Edged Sword in Cybersecurity

Artificial intelligence has become a significant player in the cybersecurity domain, but it also comes with a darker side. While AI-driven tools are helping companies detect threats faster and automate security responses, cybercriminals are equally leveraging AI to create more convincing phishing scams, misinformation campaigns, and even deepfake videos.

This dual-use nature of AI means that while defenders are getting smarter, attackers are becoming more unpredictable. For businesses and consumers alike, vigilance remains the key to countering these threats.

Practical Security Measures for SMBs and Consumers

To navigate this increasingly complex threat landscape, OpenText’s report emphasizes the importance of basic yet effective security measures. These include keeping software up to date, using strong and unique passwords, enabling multi-factor authentication, and conducting regular cybersecurity audits.

For SMBs, understanding the potential for being swept into geopolitical conflicts is critical, as even indirect connections to a supply chain can make a business a target. Cyber insurance and employee security training are practical steps to mitigate these risks.

For individual consumers, the advice is straightforward: stay alert to scams, particularly during high-risk periods like holidays or major events. Simple precautions like verifying sources and being skeptical of unexpected emails can go a long way in staying safe.

Preparing for What Lies Ahead

This is a sobering picture of the cyber threat landscape, with nation-state collusion, sophisticated evasion tactics, and a calculated approach to disruption now defining cyber warfare. As geopolitical tensions rise and key events like the U.S. election draw near, both businesses and consumers must brace themselves for an onslaught of increasingly complex threats.