Trends

3 Cybersecurity Trends From the Lumu Compromise Report 2024

Table of Contents

Here is one cybersecurity trend that most will agree with: things are not getting easier. But the Lumu Compromise Report 2024 also makes it clear that there is hope.

This year has seen a broad variety of attacks and breaches in the cyber world, and the new Lumu Compromise Report 2024 reveals just how these attacks were carried out, as well as the countries and industries that have been targeted.

The report tells the story of how hackers continue to gain access, especially using infostealers and ransomware to exploit vulnerabilities, and what to look out for to defend against the onslaught.

While it is difficult to whittle down this in-depth report to just three takeaways, we have pulled out three topics that are essential reading for anybody worried about defense.

Infostealers: Targeting the USA

One significant cybersecurity trend for 2024 has been that infostealers are disproportionately targeting the USA. Infostealers are designed to extract sensitive information that can then be used or sold for malicious intent, such as financial gain, identity theft, or to further compromise your organization

58.3% of infostealer attacks recorded by Lumu were in the USA, making it by far the biggest target of any country in the region — why

Generally, the motivator for these infostealer attacks is financial. As the biggest economy in the world, and amongst the most technologically advanced, the USA is an obvious target for financial cyberattacks.

Credentials stolen through infostealers are often exploited, or sold on the dark web, as a gateway to deliver ransomware.

Ransomware: Going for the Underbelly

While we’ve recorded ransomware attacks in pretty much every sector of society, one worrying cybersecurity trend is that cyberattackers are targeting some of the most valuable and sensitive sectors in society.

Amongst the top sectors affected, as you can see in the above graphic, are fundamental pillars of everyday life in the USA.

Government has been particularly under siege, with attackers not only targeting public funds but also looking to disrupt critical infrastructure. On top of financial gain, there is a geopolitical element to this with increased action from foreign actors opposed to the US. Alongside government, attacks on sectors such as manufacturing, construction, and energy are also designed to disrupt daily life and infrastructure.

Traditionally considered morally off-limits to attackers, education establishments and healthcare are big targets for cybercriminals, directly affecting some of the most vulnerable in society. These sectors have had to rapidly improve their cybersecurity position to avoid breaches — which can prove devastating, especially to smaller education and healthcare establishments.

Explore our blog for more posts about Cybercrime in the Education Sector and check out our K–12 Cybersecurity Tips.

Breaking Through the Traditional Defenses

One worrying cybersecurity trend — but one that is potentially the clue to how to defend against the attackers — is that cybercriminals are often managing to evade the traditional security stack.

Whether perimeter defenses, endpoint security, or email security, the report shows evidence that hackers are increasingly able to get past them.

This implies there are two approaches that you can — and must — add to your traditional security stack to properly defend against today’s attacks: threat-informed defense and network visibility.

Threat-Informed Defense

As a defender, being well-informed of current attack vectors and knowledgeable about the latest trends, can be critical to stay one step ahead of an attack. The Lumu Compromise Report 2024 highlights the MITRE ATT&CK® Matrix, and how it can be used to understand indicators of compromise when they appear.

Network Visibility

A cyberdefense tool that is constantly looking at the network level and observes and understands anomalies on network traffic is the best way to catch any threat actors that break through traditional defenses. These tools can detect and respond to dangers and ensure that attacks are contained and dealt with, which otherwise may have gone undetected until too late.

Find out More About 2024 Cybersecurity Trends

Being ahead of threats means knowing the current trends in cybersecurity has become an essential part of keeping organizations safe in recent years.

The Lumu Compromise Report 2024 dives into topics such as the most prominent families of infostealers and ransomware that you should be aware of. It also highlights the MITRE ATT&CK trends from this year and how they can be used to strengthen your security stack.

Read more in the Lumu Compromise Report 2024

Recent Posts

  • Blog

Lumu & the MSP Community: 2024 in Review

Reading Time: 4 minsLumu has worked hand-in-hand with MSPs throughout a year that consolidated the…

4 days ago
  • Blog

Reflecting on 2024: Lumu’s Innovations in SecOps

Reading Time: 5 minsLumu’s 2024 SecOps advancements focus on automation and smarter threat detection, with…

6 days ago
  • Attacks

Lumu’s Detection & Response to a Real-World DNS Tunneling Attack

Reading Time: 7 minsThis is the story of a serious DNS tunneling attack on a…

1 week ago
  • Events

Cybersecurity Insights for MSPs: Lessons from IT Nation Connect 2024

Reading Time: 4 minsDiscover the top insights from Lumu’s pre-conference workshop at IT Nation Connect,…

4 weeks ago
  • Stories

Cybersecurity Trends 2025 and Beyond: Navigating AI-Driven Evasion Techniques and Autonomous Threats for Resilient Defense

Reading Time: 2 minsAs we move into 2025, AI-driven evasion and autonomous threats will redefine…

1 month ago
  • Trends

CISA Reveals How 12 Ransomware Gangs are Bypassing EDRs

Reading Time: 7 minsEndpoint Detection and Response (EDR) has a critical role in most companies’…

2 months ago