CloudSEK Unveils its 2024 Threat Landscape Analysis

• 03 Jan 2025
• TM Team
• 0 Comments

CloudSEK has unveiled its 2024 Threat Landscape Analysis, offering eye-opening insights into the escalating  cyber threat ecosystem. This comprehensive report brings to light the scale, sophistication and implications of cybercriminal activity in 2024, revealing the vulnerabilities and industries most at risk, while providing actionable solutions to bolster defenses.

From underground forums to  ransomware extortion, the report serves as an indispensable guide for organizations, policymakers, media and cybersecurity professionals navigating today's volatile threat environment.

Unveiling the Dark Web: Threat Actor Activity and Trends

The dark web remains a thriving marketplace for stolen data, illicit services and digital espionage. In 2024 alone:

- 45 Highly Active Threat Actors Identified: Out of hundreds of threat actors, 45 cybercriminals collectively traded over 534 TB of stolen data, targeting businesses and individuals worldwide.

- Key Forums in Focus: Platforms like BreachForums, Leakbase and XSS dominated as hubs for data trading and illegal activities. BreachForums saw a sharp resurgence after a temporary FBI seizure in May, resulting in heightened activity through the latter half of the year.

- Data in Demand: Threat actors sold personal identifiable information (PII), credentials, customer data, medical records and even government files, amplifying risks for organizations and individuals alike.

"Cybercrime is evolving rapidly, with underground forums not only facilitating illegal trade, but also enabling collaboration among threat actors. This makes monitoring these spaces critical to understanding and countering emerging threats," said CloudSEK's research team.

Industries and Regions Under Attack

No industry or geography was immune to cyber threats in 2024:

Most Targeted Sectors: Retail, IT and Technology and Communications were hit hardest. Retail alone accounted for over 230 victims, underscoring the value of customer data like payment card information.

Geographic Hotspots:

- United States: The most targeted country, with 140 attacks, due to its economic dominance and digital infrastructure.

- India: Rapid digitization exposed 95 entities, making it the second most attacked nation.

- Israel: Geopolitical tensions drove 57 attacks, targeting critical infrastructure and high-value assets.

These findings highlight the global reach and strategic motivations of cybercriminals, ranging from financial gain to political disruption.

Ransomware: A Relentless Threat

Ransomware attacks escalated in both scale and complexity this year:

- Top Industries Affected: Manufacturing (16.3 percent), Healthcare (10.8 percent) and Real Estate (12.1 percent) were disproportionately targeted, disrupting critical operations.

- Ransom Demands Soar: Average demands peaked at over $2 million in late 2024, with ransom groups such as LockBit 3.0 and RansomHub leading these attacks.

- Data Exfiltration Trends: Over 994 TB of data was stolen, further emphasizing the pivot toward double and triple extortion tactics.

"Ransomware is no longer just about locking systems; it's about weaponizing stolen data. This shift has devastating consequences for businesses and individuals," explained CloudSEK's research team.