Identity-based attacks lead the charge

In 2024, threat actors prioritised stealth and efficiency, leveraging simpler techniques rather than custom malware or zero-day vulnerabilities.

Notably, identity-based attacks emerged as the dominant threat vector, while ransomware incidents increasingly exploited valid credentials to gain access.

These are among the top-level findings from the Cisco Talos 2024 Year in Review, that shares strategic insights into the evolving cybersecurity global landscape.

The report, based on telemetry from over 46 million global devices across 193 countries and regions, including the Middle East and Africa, analyses the most significant trends in threat actor behaviour, including identity attacks, ransomware, network vulnerabilities, and the role of artificial intelligence (AI) in cyber threats.

Fady Younes, MD for cybersecurity at Cisco Middle East, Africa, Türkiye, Romania and CIS, comments: “The findings from Cisco Talos’ 2024 Year in Review highlight the critical need for a solid cybersecurity foundation. Cybercriminals are continually taking advantage of security gaps, demonstrating the essential nature of a proactive, identity-focused defence strategy.

“And, with the emergence of remote and hybrid working models, implementing a zero-trust network access (ZTNA) strategy is key to ensure that the correct security controls are in place while enhancing end-user experience. By staying aware of these evolving tactics, organisations can reinforce their security measures and more effectively shield themselves from new and emerging threats.”

To strengthen cybersecurity and protect against emerging threats, Cisco Talos shares five key recommendations: promptly install updates and patches, enforce strong authentication methods, implement best practices such as strict access controls, network segmentation, and employee training, encrypt all traffic for secure monitoring and configuration, and apply all security measures across the network infrastructure. By adopting these practices, organisations can build a more resilient security posture.

Top threats observed in 2024 include: