Cyber threats - H1 2024

The first half of 2024 saw a worrying trend in cyberattacks targeting specific industries and key report findings include:

Manufacturing and Industrial Products remains the top targeted industry by cyber threat actors in H1 2024, leading with 377 confirmed reports of ransomware and database leak hits in the first half of the year.

Professional Services saw an increase in reported database leaks and ransomware attacks, jumping by 15% compared to 2023 with 351 cases reported vs. 334. Legal services organizations, including courthouses, and supply chains have become prime targets due to the wealth of intellectual property and sensitive data they possess.

Healthcare & Life Sciences – Ransomware and database leak incidents surged by 180% in February 2024 compared to the same period in 2023, coinciding with the attack on Change Healthcare and other healthcare providers.

Engineering and Construction remained a consistent target for cyberattacks in the first half of both 2023 and 2024 with the United States bearing the brunt of cyberattacks in the first half of 2024, experiencing a staggering 46.15% increase compared to 2023.

Technology – Researchers found a 12.75% decrease (from H1 2023) in database leaks and ransomware attacks targeting technology companies.

There were also trending concerns for businesses, including:

• BEC attacks: Previously focused on large corporations, BEC scammers are now targeting smaller, less cybersecurity-conscious businesses.
• Deepfakes and social engineering: Findings show a surge in deepfake attacks, with an exponential 3,000% increase in deepfake fraud attempts.
• Abuse of open-source repositories: Attackers are increasingly using these repositories to launch two main types of attacks: repo confusion attacks and supply chain attacks.