A Look Back at 2024’s Biggest Cyberattacks

• The first half of 2024 saw the exposure of 26 billion records in what has been dubbed the “Mother of All Breaches,” affecting a wide range of sectors.
• Over 2,600 ransomware attacks were reported in the healthcare sector in 2024, disrupting critical services and compromising patient data.
• In 2024, over 700 incidents were linked to data leaks and malware sales on Telegram, resulting in the leak of 122 gigabytes of personal user data.
• In 2024, over 700 incidents were linked to data leaks and malware sales on Telegram, resulting in the leak of 122 gigabytes of personal user data.

Notable cyber incidents of 2024 and their implications

1. LoanDepot Ransomware Attack

The year started with a major ransomware attack on LoanDepot, one of America’s largest retail mortgage lenders. On January 8, LoanDepot revealed that it had been forced to take some of its systems offline due to the attack, which temporarily disrupted mortgage payments for many customers. The breach resulted in the theft of sensitive personal information from approximately 16.6 million customers, including Social Security numbers and financial account details. The financial impact was significant, with the company incurring $26.9 million in recovery costs.

2. Ivanti Zero-Day Vulnerabilities Exploitation

Critical zero-day flaws in Ivanti products were widely exploited in early 2024. These vulnerabilities were actively used by Chinese nation-state threat actors to carry out espionage and other types of attacks. The US Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive requiring all government civilian federal agencies to mitigate these vulnerabilities. This incident highlighted the ongoing threat posed by sophisticated state-sponsored cyber activities.

3. Volt Typhoon’s Attack on U.S. Infrastructure

One of the most alarming cyberattacks of the year was carried out by Volt Typhoon, a China-backed hacker group. This organisation used the KV Botnet malware to target vital infrastructure both domestically and internationally. They exploited vulnerable SOHO routers, particularly those from Cisco and NetGear, which had reached their end of life and were no longer receiving security updates. The attack affected sectors such as communications, energy, and transportation, prompting a coordinated response from the FBI, Justice Department, and CISA to remove the malware from infected routers.

4. BlackCat Ransomware Group’s Global Impact

The BlackCat ransomware group was responsible for numerous breaches throughout 2024. This group targeted organisations worldwide, compromising millions of sensitive records. Notable victims included Change Healthcare and Dell, both of which faced massive data leaks affecting tens of millions of users. The BlackCat group’s activities underscored the growing threat of ransomware and the need for robust cybersecurity measures.

5. The “Mother of All Breaches”

The cybersecurity world was shocked in the first half of 2024 by what has been known as the “Mother of All Breaches.” One of the biggest data breaches in history occurred as a result of this incident, which exposed 26 billion records. The breach affected a wide range of sectors and highlighted the vulnerabilities in data protection practices across industries.

6. Ransomware Surge in Healthcare

Ransomware attacks on the healthcare sector surged in 2024, with over 2,600 incidents reported. These attacks disrupted critical services and compromised patient data, leading to significant operational and financial impacts. The healthcare sector, which had previously been considered somewhat off-limits by cybercriminals, became a prime target due to its reliance on digital systems and the sensitive nature of its data.

7. Espionage Campaigns by Chinese Threat Actors

Chinese espionage campaigns continued to be a major concern in 2024. These campaigns targeted the U.S. and its allies, focusing on critical sectors such as government, military, and technology. The intricacy and scope of these assaults indicated a calculated action by Beijing to perhaps interfere with or destroy vital services in the case of rising military conflicts or geopolitical tensions.