The cyber threat landscape in 2024 is shaping up to be worse for cybersecurity teams than 2023.
Threat intelligence firm Flashpoint has logged dramatic increases in all major threat indicators January through February 2024.
According to Flashpoint’s data there were 6,077 recorded data breaches in 2023, with attackers accessing more than 17 billion personal records (up 34.5% on 2022’s figures). In the first two months of 2024, this increased by 429% as compared to the same time frame in 2023.
The United States is one of the most targeted countries in terms of data breaches, suffering more than 60% of all breaches in 2023 (3,804). This was a 19.8% increase over 2022 incidents and a 30% over the same period of 2023.
Ransomware attacks increased by 84% in 2023 over 2022. The first two months of 2024 saw a further 23% increase over the first two months of 2023.
One attack and one attacker stood out during 2023: the MOVEit attacks (leveraging CVE 2023-34362), and the LockBit ransomware group. The MOVEit attacks account for 19.3% of all reported 2023 attacks. LockBit claimed 1.049 victims, around 20% of all known ransomware attacks in 2023.
In terms of the types of businesses impacted in 2023, according to the Data Breach Outlook from Kroll, the finance sector overtook healthcare for the most breached industry. Financial businesses accounted for 27% of the breaches handled by Kroll, compared to 19% in 2022. Healthcare dropped to second place, accounting for 20% of breaches and down slightly from 2022 where it accounted for 22% of breaches.
Further impacting the cybercrime environment in 2024 are ongoing political tensions related to upcoming elections in the U.S. and European Union as well as the biggest sporting event in the world, the 2024 Summer Olympics in Paris, creating a perfect storm of high-profile events.
2024 will be another year of surprises in terms of headline-making cybercrime. With new developments in generative AI and other issues shaping the landscape, it will be an interesting year as well. But with proper planning and agile cybersecurity strategies, organizations can mitigate these impending threats.
