Cybersecurity was a major news story in 2024. We saw a lot of big data breaches, dangerous attacks, and problems with important systems that affected millions of people around the world.
From huge data leaks to sneaky attacks on essential things like power grids, cyber threats got worse and more complicated this year. Some of the biggest problems included massive data breaches, hacking attacks, and flaws in popular software. Here are the 12 most important cybersecurity events of 2024.
1. Internet Archive Breach
The Internet Archive faced dual threats in October—a data breach exposing 33 million users’ data and a DDoS attack attributed to the pro-Palestinian group SN_BlackMeta. The breach occurred when hackers exploited an exposed GitLab configuration file, gaining access to source code and database credentials. This event underscored the need for better security practices in open-source repositories and third-party integrations.
2. CrowdStrike Update Crash
In July, a faulty update from CrowdStrike’s Falcon software caused 8.5 million Windows devices to crash worldwide. Organizations, including hospitals and financial institutions, faced significant disruptions. Hackers capitalized on the chaos by distributing malware through fake fixes, deepening the crisis. This incident highlighted the vulnerabilities in automated update systems and the importance of robust validation processes.
3. Kaspersky Ban in the U.S.
The Biden administration banned Kaspersky antivirus software in June, citing national security concerns. Users were required to switch to UltraAV, which was force-installed on devices, causing widespread frustration. Kaspersky’s exit marked the end of its U.S. operations and served as a reminder of the geopolitical dimensions of cybersecurity.
4. Russian Hackers Breach Microsoft
Russian state-sponsored group Midnight Blizzard (aka APT29) breached Microsoft’s email servers, stealing sensitive data from leadership and government-related accounts. Using a legacy test tenant account, the hackers accessed privileged applications and critical information. This breach exposed weaknesses in managing legacy systems and heightened concerns about corporate espionage.
5. National Public Data Breach
A breach at National Public Data exposed 134 million email addresses, Social Security numbers, and other personal details. Initially offered for sale at $3.5 million, the data was eventually leaked for free on hacking forums. This breach highlighted the risks of aggregating massive amounts of sensitive data without adequate protection.
6. CDK Global Ransomware Attack
BlackSuit ransomware disrupted operations at CDK Global, a SaaS provider for car dealerships. The attack caused widespread outages, preventing dealerships from completing sales, financing, and repairs. This incident underscored the vulnerability of industry-specific SaaS platforms and their critical role in daily operations.
7. Snowflake Data Thefts
Threat actors stole data from companies using Snowflake’s cloud platform by exploiting compromised credentials. Affected firms included AT&T, with 109 million call records exposed. These breaches highlighted the ongoing dangers of weak credential management and malware-infected devices.
8. North Korean IT Espionage
North Korean operatives infiltrated U.S. companies under the guise of IT professionals, generating revenue for the country’s nuclear program. High-profile arrests and corporate breaches revealed the extent of this campaign, emphasizing the need for stringent hiring practices and background checks for remote workers.
9. Change Healthcare Ransomware Attack
In February, BlackCat ransomware crippled Change Healthcare, disrupting the U.S. healthcare industry. Hospitals struggled to process claims, and patients paid full price for prescriptions. Despite paying an alleged $22 million ransom, Change Healthcare faced repeated extortion attempts. This incident reinforced the importance of multi-factor authentication and robust cybersecurity defenses.
10. LockBit Ransomware Disrupted
An international operation dismantled LockBit’s infrastructure in February, seizing servers and cryptocurrency assets. While the group attempted to regroup, it struggled to regain prominence as affiliates moved to rival operations. The takedown demonstrated the power of coordinated international law enforcement efforts.
11. Windows 11 Recall Controversy
Microsoft faced criticism over its AI-powered Windows 11 Recall feature, which raised privacy concerns. Despite delays and added safeguards, the software’s vulnerabilities made it an attractive target for hackers. The controversy highlighted the challenges of balancing innovation with user privacy and security.
12. Telecom Breaches by China
Chinese state-sponsored hackers, dubbed Salt Typhoon, targeted telecom giants like AT&T and Verizon, stealing call logs and voicemails. The breaches also compromised U.S. government wiretapping platforms, sparking national security concerns. Proposed legislation aims to improve cybersecurity in telecom infrastructure, but the attacks revealed systemic weaknesses that require immediate action.
2024 in Review
This year revealed the growing sophistication and frequency of cyberattacks. From ransomware to state-sponsored espionage, the events of 2024 underscored the need for global collaboration, stronger regulations, and more robust security measures to protect critical infrastructure and personal data. The lessons learned will shape the future of cybersecurity for years to come.
(Article References: Bleepingcomputer)
Bijay Pokharel