2024 was another record year for cyberattacks from both State Actors and Cybercriminal Groups. State Actors increased their activities in cyberspace, driven by geopolitical expediency and technological advancements. China-aligned groups emerged as the number one global cyber threat, conducting operations on every continent. In the US, Chinese campaigns penetrated critical systems, gaining illicit access to energy, water, telecommunication, and other US Critical Infrastructure - a threat also seen in Europe, Middle East, Asia-Pacific, and Africa. The extensive data leak from Chinese firm I-Soon further confirmed the Government's use of private companies for global cyber operations.
Russia-aligned groups have continued targeting Ukraine and its supporters, while Iran-aligned cyber groups launched disruptive attacks on civil society before shifting focus to espionage, targeting sectors like transportation in Israel. Iranian cyber activity also stretched beyond the Middle East.
Malicious actors continued to exploit the flow of vulnerabilities in major platforms and supply chains, while disinformation campaigns and AI-generated threats have become increasingly prominent. Russia and China quickly harnessed this capability to advance their geopolitical objectives.
Cybercrime groups also thrived, with the criminal ecosystem on the dark web and other platforms continuing to flourish. Law enforcement achieved some success, notably with the takedown of LockBit. However, many criminals remain beyond reach, often reemerging under a different guise - like a game of “Whack-a-mole”.
Amid persistent cyber threats, Governments and international organisations focus on cyber resilience. Notable initiatives include the UN Convention on Cybercrime, finalized this year, and the UK/France-led Pall Mall Process to tackle spyware misuse. In the EU, 2024 saw the adoption of significant legislation, including the AI Act, the Cyber Resilience Act (CRA), the Cyber Solidarity Act, and the adoption of NIS2.
This momentum will continue in 2025 with new strategies and financing aimed at strengthening the EU's cyber defense. Elsewhere, cybersecurity legislation also advanced. In the US, an update to the National Cybersecurity Strategy introduced 100 initiatives to boost cyber resilience, alongside significant actions, such as the Maritime Cybersecurity Executive Order to secure ports and vessels. The Australian Government laid the groundwork for the Cyber Security Bill, including measures for resilience and a proposal for mandatory reporting of ransom payments.
As we look ahead, the picture remains troubling. Sadly, you don’t need to be a psychic to expect cyber threats to grow in 2025, increasing in volume and sophistication, driven by technological advancements like generative AI, system vulnerabilities, geopolitical tensions, and attractive rewards for states and criminals alike.
Comments