Silly Season Never Stops in Cybersecurity

ChannelBytes

Closing off Q4 often brings with it a sense of relief. There are the holidays to look forward to as business slows, and many companies can afford to close or operate on skeleton staff through the festive season, giving staff a well-earned break.

In cybersecurity, though, there’s no time for relaxation. If 2024 has shown anything, it’s that threat actors seem to be of the opinion that “Anyone’s fair game!” Businesses aren’t the only ones being targeted anymore – hospitals, telecoms, water infrastructure, supply chains, schools, legal firms, and medical service providers have all come under attack much more in 2024.

Attacks have become more sophisticated and subtle, with threat actors using multiple methods to infiltrate systems and then go after what they want. They’re using age-old methods, including social engineering, and then combining these with more advanced tactics once they gain access to a system.

By combining verified access and inside knowledge of systems, the attacks are becoming more difficult to identify, giving threat actors more time to operate undetected within a system.

A single vulnerability can become a gateway for a much bigger attack, impacting thousands of users and multiple businesses across more than one sector. This has played out in finance, healthcare and supply chains. The disruption following these incidents has highlighted the level of chaos that can be inflicted on communities.

So just how are cybersecurity firms keeping a step ahead? We highlight some of the major breaches of 2024:

Telecoms and ISPs

With connectivity essential to business operations, it is no surprise that threat actors are targeting telecoms networks and ISPs. Find the vulnerability in the system and it opens up a world of data. One such case is a breach affecting more than 22 million subscribers of a major French ISP, whose customer data was stolen. The attack targeted the company’s internal management tool and the data was then put up for sale on the dark web. Another attack targeted a telecoms operator in Spain, affecting routing infrastructure and resulting in network interruptions.

AI advantage or disadvantage?

With new versions of AI being released, bugs and vulnerabilities are inevitable. The question is whether they get found in time. In the case of ChatGPT4, a Mozilla AI bug bounty program identified how carefully combining specific inputs can exploit unknown vulnerabilities, even using emojis. Increasingly, AI is being used to amplify attack potential. Can this be prevented by countering with AI-driven early detection?

Making cybersecurity less secure

As much as cybersecurity companies try to advance their offerings, vulnerabilities can remain. An example is missing authentication functions within Fortinet that became a zero-day vulnerability. This was rapidly exploited to gain admin access to the system manager, which gave the attackers an inside view of the configuration of firewalls and network topology for thousands of devices. How much better is it to have an inside view of how security is set up when looking to exploit vulnerabilities?

It would seem that despite advances made in cybersecurity, there’s never much time to celebrate victories. There will always be misconfigurations and vulnerabilities that threat actors are watching and waiting to act on.
