The year 2024 was marked by an unprecedented wave of cybersecurity incidents, from devastating data breaches to crippling ransomware attacks. As new threat actors emerged and vulnerabilities were exploited, both private and public organizations struggled to keep pace. BleepingComputer highlighted the most impactful stories, and here’s a summary of some of the year’s most critical incidents:
Major Cyberattacks and Data Breaches
- Internet Archive Breach – In October, a dual attack hit the Internet Archive, exposing the data of 33 million users and forcing service disruptions. Threat actors exploited an exposed GitLab configuration file to gain access.
- National Public Data Leak – A staggering 2.7 billion personal records, including Social Security numbers, were leaked in August. The breach impacted millions, with hackers later leaking the data for free on a hacking forum.
- Microsoft Email Breach by Russian Hackers – Russian-backed group Midnight Blizzard infiltrated Microsoft’s corporate email, stealing sensitive communications and source code. The breach extended to U.S. federal agencies, raising national security concerns.
Industry-Wide Disruptions
- Faulty CrowdStrike Update Crashes Millions of Devices – A botched update from cybersecurity giant CrowdStrike in July led to 8.5 million Windows devices crashing worldwide. Cybercriminals capitalized on the chaos by distributing malware through fake repair tools.
- CDK Global Ransomware Attack – A BlackSuit ransomware attack on auto-industry SaaS provider CDK Global disrupted operations for car dealerships across the U.S., halting sales, financing, and service.
- UnitedHealth Ransomware Incident – A February ransomware attack on Change Healthcare, a UnitedHealth subsidiary, affected the healthcare sector nationwide. The company paid a $20 million ransom to restore operations, but extortion attempts continued.
Government Actions and Security Reforms
- Kaspersky Banned in the U.S. – The Biden administration banned Kaspersky antivirus in June, citing national security concerns. A forced migration to UltraAV left users outraged.
- Telecom Hacks by Chinese Group Salt Typhoon – Chinese state-sponsored hackers breached major U.S. telecom providers, stealing call data and infiltrating surveillance platforms. The attacks prompted legislative action to improve telecom cybersecurity standards.
- LockBit Ransomware Disrupted – In February, international law enforcement seized LockBit’s infrastructure, but the ransomware group re-emerged days later with renewed threats. Despite efforts to return to prominence, LockBit struggled under continued pressure from global authorities.
Emerging Threats
- Rise of Infostealers – Information-stealing malware campaigns surged, targeting everything from browser data to cryptocurrency wallets. Cybercriminals used infostealers to breach corporate networks and financial accounts, prompting renewed calls for two-factor authentication.
- North Korean IT Worker Scheme – North Korean operatives posed as remote IT workers to infiltrate U.S. companies and fund their nation’s operations. A high-profile arrest in August highlighted the growing threat, with several companies unknowingly hiring such agents.
Looking Ahead
As cyber threats grow more sophisticated, 2024 underscores the critical need for robust cybersecurity measures. Organizations must strengthen defenses, governments must implement stricter regulations, and individuals must adopt best practices like multi-factor authentication to mitigate risks in an increasingly digital world.