Security FIRST State of the Nation 2024

As the year draws to a close, I thought it might benefit everyone to review the current year. Cybersecurity has become more complex and challenging with the emergence of new trends. But what are those trends this year? Let's look at them.

Data Breaches

So far in 2024, over 1 billion records have been stolen in various breaches. Some of the most notable ones are listed below:

• AT&T - this data breach exposed nearly all of its cellular customers' call and text records.
• United Health - occurred in February this year, impacting 14 million patients when hackers exploited a lack of MFA on a portal allowing access via stolen credentials. United Health paid the criminals $22 million.
• Snowflake - impacting 165 customers including high-profile targets such as Ticketmaster. Hackers stole full names, addresses, phone numbers and partial credit card numbers for 560 million Ticketmaster customers. The criminals utilized information-stealing malware to obtain login credentials.

Credential theft and reuse will continue to be a major factor in the risk of data breaches.

Ransomware

The number of reported ransomware attacks has increased from 4,399 in 2023 to 4,967 in 2024, representing a 13% rise as of this writing. Average ransomware payments have grown to $2.73 million in 2024, a $1 million increase from the previous year.

Notable examples of organizations affected by ransomware gangs include:

• CDK Global: In February 2024, this auto dealership software provider was impacted by a ransomware attack initiated through a phishing campaign. The attack affected 15,000 car dealerships, and reports indicate that CDK Global paid the ransomware gang $25 million.
• Unknown Fortune 50 Company: In 2024, the largest recorded ransomware payment was made to the Dark Angels ransomware group, totalling $75 million. The organization that made the payment remains undisclosed, except for its status as a Fortune 50 company.
• Transport for London: This organization, with 30,000 employees, was forced to reset employee passwords in person due to a ransomware attack. Reports suggest that the attacker was the same individual responsible for the MGM Resorts cyber attack.

New Cyber Attack Trends

Cyberattacks have increased by 30% year-over-year globally, with organizations experiencing an average of 1,636 attacks per week. Looking ahead to 2025, I anticipate that cybercriminals will leverage AI to further accelerate this trend.

The exploitation of vulnerabilities by cybercriminals remains a persistent threat to businesses. A key factor contributing to this ongoing risk is the speed at which vulnerabilities are exploited. Criminals often exploit newly disclosed vulnerabilities within hours or days, exacerbating the threat landscape. This trend is likely to continue and contribute to significant increases in cyberattacks in 2025.

Securely yours,

Scott

infographic credit: Sophos- The State of Ransomware 2024