2024 Threat Roundup

Top Cybersecurity Trends from Vedere Labs

We track cybersecurity trend lines across cyber attacks, exploits, malware and threat actors every year, so you can know where to focus and act.

Threats to critical infrastructure, government and specific vertical industries using OT technology are increasing. See where.


  • Attacks in 2024: 900M
  • Threat Actors YoY: 33% ↑
  • Attacks '23 to '24: 114% ↑
  • Critical Infrastructure Incidents '22 to '24: 668% ↑

Webinar: The Most Defining Cybersecurity Trends of 2024

Join leaders from Vedere Labs for a deep dive into the essential cybersecurity trends from the last year. From shifting attack origins to an increase in threat actors, we dissect pivotal events that define today.

Top 10 Countries Originating Cybersecurity Attacks

Russia Tops Attack Origin, China 2x Threat Actors

  • Attacks originate from 213 countries
  • 10 countries account for 78% of malicious traffic

Distribution of Exploited Vulnerabilities by Software Type

Top 3 Attacked Service Types

  1. Web applications — most often via exploited vulnerabilities
  2. Remote management protocols
  3. Remote management services
    • Specific usernames linked to databases
    • Cloud and DevOps infrastructure

Top 10 Targeted Industries

Threat Actor Increase in Verticals

Top 3 Increase (YoY)

  1. Energy: 93%
  2. Manufacturing: 71%
  3. Healthcare: 55%

Threats Unleashed Across 176 Countries

Threat actors have targeted 176 countries, 13 more than in 2023.
Once again, the U.S. is the most targeted country on the planet, targeted by 264 actors. Germany ranks second at 144; India is third at 141.

Heat map: countries most targeted by threat actors

Top 5 Attacks by OT Protocol

OT Attacks

  • Five OT protocols are consistently targeted: Modbus, Ethernet/IP, Step7, DNP3, BACnet
  • Three building automation protocols are consistently targeted: BACnet, Fox, KNX

Distribution of Malware Types

Malware

  • 5 of the most popular malware families are new: Lumma, Gafgyt, Healer, Credential Flusher, and Remcos. Lumma is the most popular new entry.
  • 4 of the most popular C2 of 2024 are new: Viper, DarkGate, Quasar, DcRAT. Cobalt Strike nevertheless remains by far the most popular C2.

Go Deep Into the Research

In this comprehensive trends report, Forescout Research – Vedere Labs meticulously analyzes attacks, exploits, and malware observed throughout the entirety of 2024. It also includes information on vulnerabilities and exploits that are not on the CISA-KEV list but are being exploited today.


Strategic Recommendations:
How Forescout can Help

  • Risk and exposure management. Identify, quantify and prioritize cybersecurity risk. Start by discovering and assessing every connected asset to gain real-time awareness of your attack surface.
  • Network security. Continuously monitor all connected assets to govern network access, using real-time traffic visibility to manage segmentation and dynamic control policies to mitigate and remediate risk.
  • Threat detection and response. Detect, investigate and respond to true threats and incidents using threat detection and response capabilities to collect telemetry and logs, correlate attack signals, generate high-fidelity detections and enable automated responses.