Top 10 cyber incidents of 2024 revealed
- CrowdStrike IT shutdown: A flawed software update in July affected 8.5 million devices worldwide, with financial losses reaching $5.4 billion. Recovery efforts required manual intervention despite the cybersecurity firm’s quick fixes.
- Change Healthcare ransomware attack: In February, a ransomware attack affected more than 100 million people in the US, crippled healthcare and led to $4.457 billion in financial damage.
- CDK Global attack: Automotive software provider CDK Global suffered a ransomware breach in June, affecting approximately 15,000 vendors across North America. Recovery was complicated by subsequent attacks.
- Israel-Hamas cyber conflict: Amid the ongoing conflict, cyber incidents involving kinetic attacks have caused casualties and injuries across the region, highlighting the intersection of physical and digital warfare.
- OpenSSH vulnerability: A zero-day exploit in July exposed more than seven million instances of OpenSSH servers, underscoring the critical need for effective software security measures.
- XZ Utils compromise: A critical vulnerability in an open source library was discovered in March, averting a potential global supply chain attack. The investigation linked the breach to a long-term project by an unknown actor.
- Ivanti VPN breach: Vulnerabilities in January and February exposed critical remote access systems, posing risks to business security and supply chains.
- Salt Typhoon espionage campaign: Chinese state-sponsored hackers have targeted telecommunications infrastructure around the world, compromising surveillance systems and raising concerns about supply chain sustainability.
- Blue Yonder ransomware attack: The November breach disrupted retail and grocery delivery chains in the US and UK, interrupting operations during peak shopping periods.
- Snowflake data breach: A May attack on a cloud provider exposed customer data from industries including finance and retail, caused by weak authentication processes at customer sites.
The report also discusses industry-wide risks, such as reliance on cloud providers, and highlights resilience strategies. These include adopting multi-cloud frameworks, consolidating edge computing, and implementing a variety of Endpoint Detection and Response (EDR) solutions.