Cyber security in 2024 was marked by both challenges and advancements.

Last year saw a sharp rise in AI-driven risks, high-profile ransomware attacks targeting essential services and increasing critical infrastructure threats.

Perhaps the most significant incident was the July outage affecting Microsoft’s Azure services and CrowdStrike’s security platform. Triggered by a faulty software update from CrowdStrike, the outage led to widespread disruptions across various industries, including airlines, banking and healthcare.

On the other hand, businesses have begun taking advantage of AI-powered cyber security solutions, and zero-trust strategies have become a central focus for safeguarding digital environments.

So, as we begin a new year, let us look back at some of the key incidents, threats and developments from 2024 and see what lessons we can take into the year ahead.

The attack on critical infrastructure

Critical infrastructure increasingly came under attack in 2024. Ransomware attacks, in particular, dominated headlines, with some of the most severe incidents affecting public services and key industries:

  • NHS England. A crippling ransomware attack on NHS England disrupted patient services, forcing hospitals to delay surgeries and appointments. The attack highlighted vulnerabilities in legacy systems and the critical need for robust incident response plans.
  • Southern Water. A targeted ransomware campaign against Southern Water led to significant operational disruptions and data breaches, emphasising the growing threat to utilities and infrastructure providers.
  • Transport for London (TfL). TfL faced a high-profile ransomware attack that impacted ticketing systems and passenger services, underscoring the risks faced by urban transportation networks.

These incidents demonstrate that ransomware remains a lucrative strategy for attackers, particularly when targeting sectors that cannot afford prolonged downtime.

The Volt Typhoon campaign, a state-sponsored operation targeting connected IoT devices, also demonstrated how interconnected systems can serve as entry points for cyber threats. From power grids to healthcare facilities, attackers used these devices to gain a foothold in critical networks.

Critical infrastructure threats are especially concerning because they affect not only the targeted organisation but also the broader population reliant on these services. As such, the need for secure IoT devices and robust monitoring solutions has become a top priority for governments and businesses alike.

The paradox of AI-powered cyber security

One of the most defining trends of 2024 was the dual role of artificial intelligence in cyber security. On the one hand, malicious actors have weaponised AI to launch sophisticated attacks, such as spear-phishing campaigns that dynamically tailor messages based on real-time data analysis. The automation of attack techniques, including AI-generated malware, has significantly shortened the timeline from breach to exploitation.

On the flip side, AI-powered cyber security tools have become essential for businesses looking to strengthen their defences. Advanced AI algorithms are now capable of detecting anomalies in network behaviour, automating threat response and even predicting potential attack vectors before they can be exploited. For organisations adopting these tools, AI has proven to be an invaluable ally in the fight against evolving cyber threats.

The quantum computing threat

Quantum computing has moved from theoretical discussions to practical applications, raising significant concerns for cyber security. Quantum computers now have the potential to break widely used encryption methods — posing a serious risk to sensitive data, intellectual property and even national security.

In response to the growing quantum computing threat, last year saw heightened interest in quantum safety, with many organisations beginning to transition to encryption methods that can withstand quantum attacks.

The vulnerability of supply chains

Supply chain vulnerabilities remain a critical cyber security issue. Threat actors have increasingly targeted software providers, third-party vendors and other supply chain partners to gain indirect access to their ultimate targets.

The Microsoft and CrowdStrike outage exposed the risks of over-reliance on single vendors for both cloud services and security tools. For businesses dependent on these platforms, the outage proved the importance of having redundancy measures and multi-vendor strategies to ensure continuity in the event of service failures.

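However, multi-vendor strategies must also be approached carefully, because every additional vendor is another third party through which an attack can reach the business.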

A major ransomware attack on the supply chain management platform Blue Yonder exposed sensitive data and disrupted logistics operations across multiple industries. The attack on Blue Yonder was not an isolated incident; rather, it highlighted the systemic risks associated with interconnected supply chains.

In response, businesses are reevaluating their vendor risk management processes, conducting thorough assessments and implementing zero-trust strategies to limit exposure to third-party risks.

The maturation of zero-trust strategies

The adoption of zero-trust strategies matured significantly in 2024, with organisations moving beyond the conceptual phase to implement practical solutions. Zero-trust models operate on the principle of ‘never trust, always verify’, ensuring every user and device is continuously authenticated and authorised before accessing network resources.

Last year saw the integration of zero-trust principles into network architectures, driven by regulatory requirements and the increasing sophistication of cyber threats. As a result, businesses are deploying advanced identity management systems, implementing micro-segmentation and leveraging continuous monitoring to create robust zero-trust environments.

Preparing for the year ahead

The cyber security challenges of 2024 have reinforced the need for proactive and adaptive strategies. As we look ahead to 2025, organisations must prioritise:

  • Implementing AI-powered cyber security solutions to stay ahead of evolving threats.
  • Protecting connected IoT devices and critical infrastructure from threats.
  • Taking the quantum computing threat seriously and developing a roadmap to becoming quantum safe.
  • Strengthening supply chain security through rigorous assessments and zero-trust strategies.

Burning Tree’s expert consulting services and risk assessment solutions are designed to help businesses navigate these challenges. From identifying vulnerabilities to developing comprehensive security strategies, we can help your organisation build resilience and secure your digital assets.

With the lessons of 2024 fresh in mind, now is the time to assess your cyber security strategy and create an action plan. Contact Burning Tree today at 01252 843 014 or info@burningtree.co.uk to ensure your business is prepared for the cyber security challenges of 2025 and beyond.