Quarterly Threat Report: Q3 2024 Round Up

As we move through 2024, the cyber threat landscape continues to evolve, showing a worrying increase in both frequency and sophistication of attacks. The third quarter has been no exception, with cybercriminals continually enhancing their strategies and tactics to exploit weaknesses across various sectors. In response to these threats, significant measures have been introduced, including the King’s Speech, which announced new legislation aimed at enhancing cyber security resilience.

Top cyber threats in Q3 2024:

Following the high levels of cybercrime in the second quarter of 2024, the third quarter saw a continuation of sophisticated and frequent cyber threats. Below are the key threats that shaped the third quarter of 2024:

• Ransomware attacks: Ransomware attacks remained a top concern, with an increase in both frequency and sophistication.
• Phishing and social engineering: Phishing schemes rely heavily on social engineering, tricking people into giving away sensitive information. Attackers are crafting increasingly realistic messages, making it harder for users to spot fraudulent communications.
• Cloud security breaches: As more businesses move to the cloud, risks like misconfigured settings, unauthorised access, and data exposure persist. Strong cloud security is essential to protect sensitive information.
• AI-powered attacks: Cybercriminals are now harnessing AI to scale up attacks, including creating realistic deepfakes and finding system weaknesses faster. All of which increase risks for organisations.
• Business Email Compromise (BEC): This continued to be a major threat, with cybercriminals increasingly using impersonation tactics to deceive employees. These attacks often target financial transactions and sensitive communications, leading to major financial and reputational losses.

These threats underscore the need for strong security practices, regular employee training, and active monitoring to keep up with the evolving cyber risk landscape. Discover the top threats that dominated Q2 2024.

What’s in the news?

Kings speech

On Wednesday, July 17, 2024, the King announced that parliament will introduce a new Cyber Security and Resilience Bill, and Digital Information and Smart Data Bill.

The King’s Speech was intended to outline Labour’s comprehensive plans for AI and cybersecurity. Although no new AI bill was introduced, the government emphasised its commitment to future legislation for advanced AI model development. Among the 40 bills in the new legislative agenda, the Cyber Security and Resilience Bill and the Digital Information and Smart Data Bill specifically aim to ensure the responsible use of data and technology.

The Government recognises the evolving cyber threat landscape. This new legislation will aim to bolster the UK’s defences against these threats, ensuring robust protection for critical infrastructure, businesses, and digital services.

The CrowdStrike outage

In July, CrowdStrike, a leading cybersecurity firm specialising in Endpoint Detection and Incident Response (EDR), experienced a global IT outage that significantly impacted Microsoft services. The glitch caused Windows devices to display the infamous blue screen of death (BSOD) or a recovery screen prompting users to restart their PCs.

Microsoft quickly identified CrowdStrike as the source of the issue. Although the initial problem was resolved swiftly, the outage’s repercussions lasted for days, making it one of the most severe cyber events since the WannaCry attack in May 2017.

The outage affected over 8.5 million Microsoft devices worldwide, causing widespread disruption. Airports faced chaos with over 1,000 flight cancellations and delays, leading to massive queues. The NHS and GPs struggled to access records, online bookings, and repeat prescriptions. Banks, broadcasters, transport services, and retailers also reported significant disruptions.

The incident began when CrowdStrike released a configuration update for Windows operating systems, intended to protect against malicious attacks. However, a defect in the update caused Windows devices to restart unexpectedly during the startup process, leading to a continuous reboot cycle, known as a boot loop. This resulted in system crashes and the dreaded blue screen of death (BSOD).

Key takeaways:

• Risk management and business continuity – Re-evaluate your current risk management strategies. Identify vulnerabilities, assess potential impact, and create contingency plans for major disruptions. This will ensure that your business can get back up and running as soon as possible without the loss of data.
• Robust backup strategy – Implement a comprehensive backup strategy with multiple copies stored in different locations. Follow the 4-3-2 backup rule: maintain 4 copies of your data in 3 different locations, with 2 of those locations being off-site.
• Proactive and regular resting – Regularly test your business continuity plan, including staged rollouts and updates. Closely monitor the impact to ensure the plan’s effectiveness and make necessary adjustments.
• Regular patching and updating – Consistently apply updates to software and hardware to secure systems against newly identified threats. Patch management can significantly reduce potential breach points.
• AI-powered defences: Invest in AI-powered defences, like EDR, to better detect AI-driven attacks. Establish clear guidelines for AI use in your operations to mitigate risks and ensure ethical practices.

Don’t be the next victim

We provide a free IT audit to help you establish a solid foundation for future growth and success. Our audit identifies any vulnerabilities or weaknesses in your infrastructure and ensures that your antivirus, threat management tools, and updates are fully up-to-date.

Discover more strategies to improve your cyber security in our blog post titled ‘Strengthening Your IT Resilience in 2024 & Beyond’ Alternatively, feel free to contact us for further assistance in enhancing your security posture through cyber resilience.