Cybersecurity Nightmare of 2024: State-Sponsored Attacks and Breaches

This year has been marked by numerous state-sponsored attacks and breaches that have compromised the personal data of millions. Cybercriminals and espionage groups have exploited weaknesses in systems to fuel their frenzy, causing real consequences for people’s privacy, safety, and security.

China-linked group Salt Typhoon carried out a notable operation this year, breaching US telecom companies including Verizon and AT&T. The attackers targeted individuals who were already subject to wiretap orders as well as state department officials and members of presidential campaigns.

Meanwhile, Snowflake customer breaches led to the theft of data from prominent victims like Ticketmaster, Santander Bank, and Neiman Marcus. In one instance, nearly all records relating to AT&T’s customers’ calls and texts from 2022 were stolen.

Other notable attacks include a ransomware attack on Change Healthcare, which impacted over 100 million people, and a breach of the medical billing company’s database. The attackers demanded $22 million in ransom, but payment seemed to embolden them to hit healthcare targets even more aggressively.

Russia’s Midnight Blizzard hackers breached Microsoft in January, compromising historic system test accounts and exfiltrating emails and attached documents. Hewlett-Packard Enterprise also suffered a corporate email breach attributed to the same group.

The National Public Data breach was significant, affecting 1.3 million people, while North Korean cybercriminals stole over $1.34 billion across 47 incidents in 2024. These attacks demonstrate the seriousness of the crimes and their potential impact on international security.

Source: https://www.wired.com/story/worst-hacks-2024