Cybersecurity Lessons from 2024

In their webinar, Cybersecurity Lessons from 2024 and 2025 Forensic Predictions, Matt (Heff) and Aaron went over their 2024 predictions and what lessons could be learned from the past year. Because there were so many breaches last year, there’s actually a lot of data surrounding what attacks are trending and what we can expect for 2025. 

Read this blog to discover what they got right and wrong about 2024 cybersecurity breaches and what we can learn from this past year.

What They Got Right about Cybersecurity Breaches in 2024

2024 was a “crazy year” from a news perspective. The Change Healthcare breach was a big data breach for the year, with other ecommerce attacks on businesses like SolarWinds. Aaron and Heff successfully predicted these items for 2024: 

• Increased Use of AI in Hacking: AI-assisted attacks became more prevalent, automating reconnaissance and exploit development beyond expectations. Heff and Aaron admit that they may have underestimated just how prevalent this attack type would be in 2024. 
• More Sophisticated Iterative Attacks: Attackers refined their techniques, hiding malicious code within website logos to evade detection.
• Deepfake Exploits: The use of deepfake technology increased, aiding in fraud and misinformation.
• Node.js Vulnerabilities: Major security flaws were discovered, including a December vulnerability allowing remote code execution.

Some cybersecurity happenings took Aaron and Heff by surprise in 2024. Let’s get into what they got wrong. 

What Cybersecurity Predictions They Got Wrong in 2024

Hey, no one is perfect! Here are the predictions that Aaron and Heff didn’t get right for cybersecurity breaches in 2024: 

• Ecommerce Host Breaches: They predicted an increase, but breaches at the host level actually declined, shifting more towards browser-based attacks.
• Crypto Attacks: Expected to decrease but instead skyrocketed, with a major attack in Japan leading to $300 million in losses.

All in all, not too many of Heff and Aaron’s predictions proved to be untrue for 2024. 

Major Cybersecurity Trends & Events in 2024

There were also many cybersecurity trends and events in 2024 that Heff and Aaron didn’t anticipate. These include: 

• Ransomware on Supply Chains & Service Providers: Attacks increasingly targeted supply chains, causing widespread disruptions. You probably felt this one the most in 2024 as it increased inflation, affected businesses, and delayed shipping. 
• Supermarket Chain Outage: A ransomware attack affected 2,000 grocery stores on the East Coast, disrupting online orders and pharmacy services.
• Longer Breach Detection & Containment Times: The average breach took 194 days to identify and an additional 64 days to contain.
• Record Number of Ransomware Gangs: 2024 saw the highest number of active ransomware groups ever recorded.
• Law Enforcement's LockBit Takedown: A major win against ransomware, but it created a vacuum for smaller groups to rise.
• Rise of Ransomware-as-a-Service (RaaS) & Phishing-as-a-Service (PhaaS): Lowered barriers for entry into cybercrime, increasing threat actors.

The Major Cybersecurity Breaches of 2024

To understand the predictions Heff and Aaron have for 2025, it’s important to understand two of the biggest breaches of 2024 and what went wrong. 

The National Public Data Breach (NPD) was the largest breach of 2024, with 2.9 billion records stolen. Unfortunately, with delayed discovery, NPD was hacked in December 2023 but wasn’t disclosed until August 2024. This breach was also glossed over by the media, perhaps because of data breach fatigue in 2024. 

As mentioned above, the UnitedHealthcare or Change Healthcare Breach was the largest healthcare breach of 2024. Over 190 million records that contained protected health information were compromised. The cause of the breach was stolen credentials with no Multi-Factor Authentication (MFA) in place. A whopping one-third of Americans were affected by the breach, disrupting hospitals, doctors' offices, and pharmacies. 22 million dollars were paid to the attackers as a ransom. This breach prompted updates to HIPAA regulations, which we will see in 2025. 

What We Can Learn from Major Attack Trends in 2024

There’s a lot to learn from attacks in 2024 but some of the major takeaways include protecting business information, AI’s role in cybersecurity breaches, and protecting passwords. 

Business information will always be valuable to hackers, and companies can mitigate this risk by requiring MFA (Multi-Factor Authentication) as well as regular phishing training. AI has increased the speed and effectiveness of attackers. Employers can combat this with workforce training on what AI deepfakes look like, how to check if something is artificial intelligence, and how AI can predict passwords. Finally, creating and updating your passwords to be strong and hard to predict is nothing new, and yet it is a core part of cyber hygiene.