Cyber-attacks remained a growing threat for both public and private sectors in 2024. In addition to the persistent spread of ransomware, other approaches also increased (e.g., DDoS attacks rose by 46% in the first half of 2024). One of the most targeted industries was the healthcare industry, such as hospitals, that treats sensitive data (e.g., patient health conditions) and provides critical services (e.g., urgent cares). Another serious victim was the telecommunication industry, where state-supported attackers (e.g. China-backed hackers) conducted espionage into government and political networks and access to national security data. Some of these attacks were supposed to use advanced technologies such as AI and machine learning. The author expects that these trends will continue and suggests organizations some specific preventive measures, such as MFA (multi-factor authentication), anti-phishing training for all staff, and Zero Trust principles. For 2025, major concerns include ever-growing ransomware threats via third-party channels, state-sponsored cleverer tactics (e.g., “living off the land” method), and malicious application of quantum computing.
