Last year cyber attacks rose sharply, targeting healthcare, infrastructure, financial establishments as well as political campaigns. And there appears to be no end in sight. The sophistication of threat actors is growing and the small threat teams are joining forces with larger, more sophisticated threat teams, creating an even bigger canvas on which to launch attacks. Threat teams are working together, globally, so no matter where your infrastructure is location, the threat actors have 100 people ready to circumvent your systems.
Rising Threat Landscape in 2024
In 2024, we saw highly evolved attacks. From the proliferation of Info Stealers to Access Brokers, threat actors are capturing data and selling it on the dark web. Remember, threat actors go about their day as a business. People are paid, payments are reinvested in hardware, software and threat actor resources.
Top 2024 Cybersecurity Threats and Attacks
Below are the top highlights for 2024 and they are all noteworthy:
1. Change Healthcare Ransomware Attack (February 2024)
The BlackCat (ALPHV) ransomware group targeted Change Healthcare, disrupting healthcare services nationwide.
2. Connectwise Screenconnect Mass Exploitation (February 2024)
Allows an attacker with network access to the management interface to create a new, administrator-level account on affected devices. It can be paired with a second bug, a path-traversal issue (CVE-2024-1708, CVSS 8.4) that allows unauthorized file access.
3. Snowflake Data Breach (April 2024)
Accounts stored on Snowflake’s cloud platform were compromised, affecting companies like AT&T and Ticketmaster.
4. Chinese Espionage Campaigns: Salt Typhoon and Volt Typhoon (Throughout 2024)
Chinese state-sponsored groups targeted U.S. critical infrastructure and telecom providers.
5. XZ Utils Supply Chain Attack (March 2024)
Malicious code was embedded into a widely used compression utility, potentially impacting thousands of systems.
6. UK Ministry of Defence Data Breach (June 2024)
Sensitive data was exposed, impacting national security.
7. Ascension Ransomware Attack (August 2024)
A ransomware attack disrupted operations at Ascension.
8. MediSecure Data Breach (September 2024)
Personal information of patients was exposed.
9. Synnovis-NHS UK Ransomware Attack (October 2024)
The NHS was targeted, affecting healthcare services.
10. CrowdStrike-Microsoft Outage (November 2024)
A cyber-attack caused an outage affecting both companies.
11. TfL Cyber Attack (December 2024)
The Transport for London network was targeted, disrupting public transportation.
The above attacks were substantial and impacting. Do not forget what is around you every day. We are all exposed to potential exploitation through personal lures, like fake job offers or account alerts. Artificial Intelligence (AI) driven attack campaigns use automated tools to target the masses. Multi-Factor Authentication (MFA) is great if you are not pushed into an MFA fatigue scenario. And lastly, let us not forget about social media and the data scraping that is happening every day.
If you have concerns about the email you are seeing, how your network is operating, or if your team needs your annual security update, contact ION Technology Group today for a discussion at 1.856.719.1818 or at service@iontg.com. Stay safe and alert.
