Cyber attacks more sophisticated than ever: the 2024 report

The cyber attacks of 2024 posed a momentous challenge to cybersecurity, as one could already guess from the overview of the evolution of cyber crime in Italy and around the world that emerged from the Clusit report at the beginning of the year. Attacks have become more sophisticated, targeting vital infrastructure, world-class organizations, and even sensitive sectors such as health care and the electoral system. Through analysis of the year's major events, attack patterns emerge that use cutting-edge technologies to maximize damage and complexity, such as artificial intelligence, which is becoming an increasingly dangerous tool in this field.

Deepfake: the digital shadow over the truth

Among the threats that emerged in 2024 were the Deepfakes have continued to pose a crucial challenge to cybersecurity and political stability. This technology, which allows images and videos to be manipulated in an extremely realistic way, has been exploited not only for fraud and disinformation campaigns, but also to undermine trust in authentic content.

A Institute for International Policy Studies report. (ISPI) highlighted how deepfakes were used to create misleading content during the election in the United States, India and South Africa, generating a climate of suspicion and confusion. Although their direct impact has been less devastating than expected, the real risk of deepfakes lies in their ability to fuel the so-called information chaos. The mere possibility of authentic content being perceived as false may have destabilizing consequences for governments and institutions.

In addition to social harm, deepfake technology poses a threat to companies and individuals. Fraudsters used fake videos of executives to convince employees to make fraudulent money transfers, showing that this technology is not only a political issue, but also an economic and reputational threat.

Addressing the problem requires a joint approach: Investing in advanced sensing technologies based on artificial intelligence and Promote digital literacy among users, so that they can recognize false content and adopt responsible online behaviors.

Salt Typhoon: the attack on American telecommunications.

The month of June saw one of the largest and most sophisticated cyber attacks in 2024. Named Salt Typhoon, this attack focused on major U.S. telecommunications companies, including Verizon, AT&T and T-Mobile, which together hold nearly 99% of the mobile phone market in the United States.

Hackers exploited a vulnerability in security systems to access sensitive data related to millions of users. Preliminary investigations indicated that the main goal was the acquisition of personal data, which could be used for fraud or sold on the dark web.

The scale of the attack has raised critical questions about the security of telecommunications infrastructure, considered essential to the functioning of modern society. Although U.S. authorities have stepped up investigations, experts warn that it may take a long time to identify the full extent of the damage and discover whether the attackers have left backdoors in the systems.

Paris Olympics: cyber attacks take center stage

During the Paris Olympic Games, which took place between July and August, Europe has become a battleground for cybercrime. The French cybersecurity agency (ANSSI) has reported more than 140 cyber incidents, including 22 targeted attacks on critical infrastructure related to the event.

The main targets of the hackers included communication systems used for television broadcasting and online ticketing platforms. Although many attacks were repulsed through pre-planning, the events highlighted how difficult it is to protect complex infrastructure during high-visibility events.

Cyber attacks on the healthcare sector: the Synnovis case

The attack on Synnovis, which occurred on June 3, 2024, Has had a significant impact on the UK health sector, particularly on the National Health Service (NHS). Synnovis is a service provider that manages patient data, a crucial part of the NHS infrastructure. The attack was conducted via ransomware, compromising about 400 GB of sensitive data, including confidential clinical information. The hacker group responsible for the attack is the Russian collective Qilin, known for its involvement in ransomware attacks.

Qilin not only encrypted the data, but also threatened to publicly release this sensitive information if a ransom was not paid. This type of attack is not limited to damaging computer systems, but creates also long-term damage, severely undermining trust of patients and the public, as it compromises the privacy and security of personal data, particularly health-related data.

How HRC and CyberBrain can help counter these threats

In the face of these increasingly complex challenges, we at HRC e CyberBrain We are strongly committed to the fight against cybercrime.
Prominent among the solutions offered are:

• MDR (Managed Detection and Response): an antivirus solution that combines continuous monitoring and rapid response to threats, significantly reducing response time.
• Awareness: training programs that educate employees to recognize phishing attempts, malware, and other suspicious behavior.

For more than two decades, we have been helping companies and institutions build a resilient defense, reducing the impact of cyber threats.