Security Audit

Recent Cyber Attacks – 2024

Updated on: December 22, 2023

Recent Cyber Attacks – 2024

“I’d rather have a root canal than go through one of these attacks again.” – Rich Krueger, President & CEO, Suncor Energy

While the analogy is a bit extreme, tragically, nowadays it isn’t a question of if, but rather when will you be attacked. In fact, in the time you read this sentence, another business has already fallen victim to a cyberattack. With an average of 2200 daily attacks or 1 attack every 39 seconds, the burgeoning $8 trillion cybercrime industry hardly comes as a surprise.

But beyond the sheer financial and reputational losses lies a chilling reality: no entity —not even governments— is immune to this growing headache. The Costa Rican nation, for instance, was in a state of emergency for almost the entirety of 2022 and 2023, thanks to repetitive cyber attacks that crippled its critical infrastructure. 

But are there any common patterns that dominated 2023-2024? Let’s take a look!

What are the recent cybercrime trends?

1. Politically motivated attacks

Unfortunately, 2023 witnessed numerous political conflicts erupt around the world, ranging from the invasion of Ukraine and the humanitarian crisis in Yemen to the coup in Suda and the Hamas-Palestine conflict. With the evolution and adoption of AIML, governments, and politically influenced organizations have started weaponizing hacking as a means to fulfill their respective political agendas.

As such, the year was defined by ideologically motivated and legally sanctioned attacks on government agencies and critical infrastructure to gain the upper hand.

2. Ransomware attacks are still the dominant threat

Ransomware, or the digital equivalent of a bank heist has surprisingly (or not) emerged as a dominant threat for nearly the 8th year in a row, starting since 2016-17. 

Businesses and government assets alike are being held hostage repetitively, with paralyzed operations, encrypted data with the threat of public release, and exorbitant ransoms such as in the Cloud Pipeline attack.

3. Supply chain attacks are on the rise

The interconnectedness and dependence of the global supply chain have also created paths to global vulnerabilities. Cybercriminals today can infiltrate multiple organizations by simply compromising a single supplier causing widespread disruption, thanks to the accompanying domino effect. The MOVEit software vulnerability was the primary example in 2023.

4. AIML on the rise

Artificial intelligence and machine learning, the revolutionary technologies of 2023 are now also being leveraged by cyber attackers to identify patterns and develop more automated attacks. For example, even the most randomly generated digital passwords often follow a pattern. 

AIML equips these malicious attackers to not only identify such patterns but also create autonomous attacks that leverage such information. From writing mass phishing emails that mimic the phrasing and writing style of a colleague to AI-powered ransomware, the possibilities are terrifyingly limitless.

5. Attack surfaces are expanding

The fast adoption and explosion of IoT (Internet of Things), cloud computing, and several other technologically powered automation advancements have given way to a wider attack surface for cyberattacks. 

Moreover, AI-powered attack vector programs now help these bots to not only use the most mundane house gadgets to not only spy on you and your business but also map possible psychological manipulation methods and sell the information on black markets.

Seems like something out of a futuristic sci-fi right? Well, here are some of the most recent cyber attacks that traumatized governments and businesses alike in 2023-2024.

Recent Cyber Attacks in 2023-2024


November proved to be another grim month in the ongoing cyberwar, with several successful attacks ranging from ransomware to data breaches. Based on a recent report by IBM, each breach came at a steep price, averaging $4.45 million in losses. Let’s delve into some of the attacks that dominated the fall headlines:

DateAttack TypeTargetPerpetratorsImpact
19 NovRansomwareToyota Financial Services (TFS)Medusa RansomwareData breach with unauthorized activity in select locations
17 NovRansomwareChicago Trading Company and Alphadyne Asset ManagementLockbit RansomwareData breach and financial loss
16 NovRansomwareYamaha MotorINC Ransom gangData breach with partial leakage of employee info
15 NovRansomwareHopewell Area School DistrictMedusa RansomwareDisruption of school operations
14 NovRansomwareBITZERAkira RansomwareData breach worth 70 million
13 NovData BreachMcLaren Health CareBlackCatData breach of 2.2 million patient records
11 NovData BreachIdaho National Laboratory (INL)SiegedSecData breach of 100,000 employee records
10 NovRansomwarePoloniexUnknownTheft of $156+ million in cryptocurrency
9 NovPhishingCzechiaEuropol and EurojustDisruption of phishing operation worth €8 million
8 NovSupply Chain AttackSIRVALockBitData breach of 1.5TB of data
7 NovData BreachAllen & OveryLockBitData breach on select storage servers
6 NovData BreachCozwolleBlack BastaData breach using QakBot Malware
5 NovRansomwareMedina Hospital in OhioALPHV/BlackCat ransomware groupDisruption of hospital operations


October yielded a golden harvest for the world of cybercrime. This rise in ransomware attacks, as well as data breaches, was driven by several factors, including the increasing sophistication of cybercriminals and the growing reliance of businesses and individuals on technology. Some significant head-turners include:

DateAttack TypeTargetPerpetratorsImpact
31 OctRansomwareSüdwestfalen-ITUnknown110 municipalities and organizations affected
28 OctRansomware AttackBritish LibraryRhysidaDisruption of services for 2+ weeks and 11 Million+ compromised files
25 OctRansomwareHillel Yaffe Medical CenterUnknownData breach of patient records
24 OctDDOS AttackCzech RepublicNoName057Disrupted access to the websites of the Interior Ministry, police force, Prague Airport, and the houses of parliament.
24 OctCyber AttackBitKeepUnknownData breach with 10 million+ in losses
19 OctGoogle Cloud, Cloudflare, and AWSMarina Bay SandsUnknownUnauthorized Third Party Access
10 OctDDOS AttackGoogle Cloud, Cloudflare and AWSUnknown398 million requests per minute due to a Zero Day Vulnerability
6 OctCredential Stuffing23andMeGolemGenetic data profiles of 6.9 million people leaked
1 OctDDOS AttackUK Royal FamilyKillNetDisruption of official website for 90+ minutes


Cybersecurity awareness month brought renewed focus on the importance of online safety. However, cybercriminals continued to exploit vulnerabilities, with a series of attacks targeting international commissions and MNCs alike. Some of the most surprising ones include:

DateAttack TypeTargetPerpetratorsImpact
30 SepRansomware AttackMotel OneALPHV/BlackCat ransomware groupData breach of 24.45 million customer records
27 SepRansomware AttackJohnson ControlsDark AngelsDisrupted operations, stole 27 TB of data, and encrypted VMWare ESXi VMs
26 SepRansomware AttackSonyRansomedVC and MajorNelsonCompromised systems and 3.14 GB of data leaked
18 SepData BreachDarkBeamUnknown3.8 billion records exposed
14 SepData BreachInternational Joint Commission (IJC)NoEscapeRecords of contracts, geological files, conflict of interest forms and more stolen, approx 80GB of data.
14 SepData BreachInternational Criminal Court (ICC)UnknownA targeted and sophisticated attack with the objective of espionage
11 SepCyber AttackSave the ChildrenBianLian6.8TB of personal and business data stolen
6 SepData BreachSabreDunghill Leak ransomware gang1.3 terabytes of data stolen
4 SepDDOS AttackBaFinUnknownRecords of contracts, geological files, conflict of interest forms, and more stolen, approx 80GB of data.


Although August gave a bit of respite to companies to re-evaluate their security measures, it also witnessed emergence of emergence of new CVEs and threats, including deepfakes and cryptojacking. Some of the headlines included:

DateAttack TypeTargetPerpetratorsImpact
28 AugData BreachPurFoodUnknown1.2+ Million users’ data compromised
10 AugRansomwareThe Belt Railway Company of ChicagoAkira Ransomware gang85 GB of data compromised
10 AugRansomwareThe California city of El CerritoLockBit Ransomware gangLoss of data
7 AugRansomwareProspect Medical HoldingsRhysida500,000+ Social Security numbers, financial, legal and medical files compromised
3 AugPhishingDiscordAkhirah760,000 users’ data compromised


As temperatures soared, so did digital data breaches. However, July also witnessed the launch of new cybersecurity awareness initiatives, empowering individuals and organizations to take proactive steps to protect themselves online. Some noteworthy events included:

DateAttack TypeTargetPerpetratorsImpact
21 JulData Breach7 million unique Social Security numbers compromisedUnknown7 million unique Social Security number compromised
19 JulData BreachRobloxUnknownExposed 4000+ developer accounts and data
19 JulData BreachEstée LauderUnknownExposed sensitive data of employees and customers
18 JulData LeakKotak Life Insurance, State Bank of IndiaClop Ransomware GroupLeaked sensitive data of customers of over 104GB
14 JulRansomwareShutterfly Business Solutions (SBS)UnknownDisrupted operations and encrypted data
10 JulData BreachHCA HealthcareUnknownExposed sensitive data of 11 million patients
9 JulMalwareAlberta Dental Service Corporation (ADSC)Unknown1.5 million accounts compromised


The summer sun brought a surge in online activity, creating fertile ground for cybercrime. From Microsoft to legal departments across the world, all fell victim to cyber-attacks. Moreover, several Android apps fell prey to spyware and ended up being banned, as given below:

DateAttack TypeTargetPerpetratorsImpact
29 JunRansomwareIllinois Department of Innovation & Technology (DoIT)CL0P ransomware gangDisrupted state government systems and leaked data
27 JunRansomwareSercoClop Ransomware10,000+ individuals were affected as a domino effect of MOVE iT.
26 JunDDoSMicrosoftAnonymous Sudan18,000 users couldn’t access Outlook due to what eventually came to light as a DDoS attack
24 JunCyber attackSuncor EnergyUnknownDisrupted fuel payments at 1500+ Petro-Canada gas stations across Canada
21 JunData BreachHot TopicClop Ransomware500,000 customers affected
15 JunDDoS10,000+ individuals were affected as a domino effect of MOVE iT.NoNameDisrupted government websites ahead of Ukrainian President Volodymyr Zelensky’s address to the Swiss parliament
10 JunSpywareAndroid appsUnknownAffected 190 Android apps on the Google Play Store with estimated over 400 million downloads
5 JunRansomwareProgress MOVEitLace Tempest, a group affiliated with Clop ransomwareAffected 190 Android apps on the Google Play Store with an estimated over 400 million downloads
2 JunRansomwareSpanish bank GlobalcajaPlay ransomware groupDisrupted bank operations and stole encrypted data including an undisclosed amount of private and personal confidential data, client and employee documents, passports, contracts, and more.
2 JunRansomwareYKKLockBitEncrypted data and disrupted operations


Cybercriminals turned their attention to exploiting vulnerabilities in the global supply chain. Although many saw a slight dip in cybercrime, a series of coordinated attacks across various critical infrastructures, caused significant delays and disruptions, impacting businesses and consumers worldwide, as detailed under:

DateAttack TypeTargetPerpetratorsImpact
29 MayUnauthorised AccessSkolkovo FoundationUkranian hacktivistsLimited access to certain information systems, including file hosting service on physical servers.
28 May Price manipulationJimbos ProtocolUnknownSteal 4000 ETH worth nearly $7.5 Million
26 MayRansomware attackCity of AugustaBlackByteCompromised data with PII, with 10GB released as sample


April showers brought a surge in social engineering attacks. The American government turned out to be an unfortunate favorite for cybercriminals. The month also saw a rise in ransomware attacks as given below:

DateAttack TypeTargetPerpetratorsImpact
20 AprData BreachAmerican Bar AssociationUnknownCompromised the Bar Association’s network and gained access to older credentials for 1,466,000 members.
13 AprRansomwareNCRBlackCat/ALPHVImpacting a limited number of ancillary Aloha applications for a subset of our hospitality customers
12 AprRansomwareUS Navy Contractor Fincantieri Marine GroupUnknownTemporary disruption to certain computer systems running on its network
12 AprData BreachHyundaiUnknownCustomer data of owners in Paris and France leaked
6 AprData Breach/RansomwareMSIMoney MessageIntel Boot Guard private keys and leaked over 500 GB of data


Spring brought a series of attacks on government departments, exposing the vulnerability of personal data stored online. In a concerning development, hackers infiltrated the systems of a prominent healthcare organization, potentially jeopardizing patient records. Cyber attacks on tax authorities and financial institutions also ramped up, capitalizing on the annual tax season. Learn more below:

DateAttack TypeTargetPerpetratorsImpact
29 MarExposure and RansomwareBMW, FrancePlay ransomware Contract information, financial information, and PII stolen
21 MarData BreachShields Healthcare GroupIndividual hackerSensitive information of 2.3 million patients stolen
21 MarData BreachUK’s Criminal Records OfficeUndisclosedDisrupted operations – other effects unknown.
Mid-MarchRansomwareYellow PagesBlack Basta gangStolen social security numbers, scans of passports, IDs, and assorted tax documents of approx 3,00,000 users‘.
8 MarData BreachMinneapolis Public SchoolsMedusa Hacker CollectivePersonally Identifiable Information of students and staff stolen and leaked


Love was in the air, but so were cybercriminals seeking to exploit the season’s romance. They targeted cloud spaces and banks, causing financial losses and heartbreak for victims. At the same time, some government agencies faced a serious ransomware attack, disrupting essential services and raising worries about national security. Let’s take a deeper look:

DateAttack TypeTargetPerpetratorsImpact
23 FebData BreachDish NetworkUnknownSome data was extracted and Dish’s share price fell by 6.5%
17 FebRansomwareUS Marshals ServiceUnknownSensitive law enforcement data exposed
14 Feb HTTP DDoSCloudFlareUnknownCloudflare thwarted one of the largest known DDoS attack peaking at 71 million requests per second.
3 FebESXiArgs Ransomware AttackVMware ESXiNevadaNearly 1000 ESXi servers have been infected
3 Feb Credential TheftBank Accounts Hacked in Nepal8 individuals in KathmanduSeveral million rupees stolen
2 FebRansomwareTallahassee MemorialUnknownSurgeries were rescheduled, patients were re-directed, and IT systems were shut down for weeks.


The icy grip of winter brought a chilling wave of cybercrime. Hackers leveraged the holiday season rush and post-vacation chaos to unleash a flurry of phishing attacks and malware campaigns. Social media platforms became battlegrounds for disinformation and fake news, further amplifying the confusion and chaos.

DateAttack TypeTargetPerpetratorsImpact
31 JanRansomwareION GroupLockBit42 Financial Institutions in the US and Europe
30 JanDDoS attackUS hospitalsKillnetOutage in IT services and electronic health records
26 JanInformation theftYandexAllegedly former Yandex employeeUnconfirmed – Code repositories amounting to 44.7GB were published as a Torrent on a hacker forum recently.
20 JanRansomwareSchools in Tucson, Arizona, and NantucketRoyal Ransomware gang42000 students and 7000 staff members are affected.
18 JanCredential stuffingPayPalUnknownHackers had access to the personal data of 34,942 PayPal users for 2 days
16 JanThird-party data breachNissan North AmericaUnknown individualPersonally Identifiable Information of 17,998 customers was exposed
11 JanData Breach through social engineeringMailchimpUnknownUnauthorized access to 133 Mailchimp accounts
10 JanZero DayWindows ALPCUnknownPrivilege escalation
9 JanData breachAirFrance and KLMUnknownExposure of email IDs, user names, earned miles balance
5 JanAPI data breachT-MobileUnknownLimited types of information were exposed affecting 37 million users

How can You Protect Yourself?

While the current cyber threat landscape is gloomy and quite frightening, you can take some fairly simple steps to decrease the risk of being victimized by a cyber attack.

  • Implement multifactor authentication & encryption for all your accounts
  • Stress on using vendors that offer multifactor authentication Implement proper input validation on all customer-input-enabled areas on your website
  • Keep all extensions, appliances, and applications up-to-date
  • Do not delay implementing patches
  • Practice regular security testing – vulnerability assessment and penetration testing
  • Leverage AI to identify rare attack vectors
  • Adopt a zero-trust architecture
  • Collaborate and share information on complex threats
  • Draft and execute robust response plans

How can Astra Help?

Astra is a leading SaaS company specializing in providing innovative web security solutions. Our comprehensive suite of cybersecurity solutions blends automation and manual expertise to run 8000+ tests and compliance checks, ensuring complete safety, irrespective of the threat and attack location.

With zero false positives, seamless tech stack integrations, and real-time expert support, we strive to make cybersecurity simple, effective, and hassle-free for thousands of websites & businesses worldwide.

Moreover, our industry-specific AI test cases, world-class Astranaut Bot, and customizable reports are designed to make your experience smoother while saving you millions of dollars proactively.


The best you can do to run a secure business in 2024 is to make life really hard for hackers. While you may not have control over zero-day exploits, you can ensure that you never run a vulnerable appliance for which a patch was available.

Educate your teams, and make cybersecurity an integral part of your business functionality by adopting security-first approaches such as vulnerability assessment and penetration testing.

Nivedita James Palatty

Nivedita is a technical writer with Astra who has a deep love for knowledge and all things curious in nature. An avid reader at heart she found her calling writing about SEO, robotics, and currently cybersecurity.
Notify of

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Inline Feedbacks
View all comments

Psst! Hi there. We’re Astra.

We make security simple and hassle-free for thousands
of websites and businesses worldwide.

Our suite of security products include a vulnerability scanner, firewall, malware scanner and pentests to protect your site from the evil forces on the internet, even when you sleep.

earth spiders cards bugs spiders

Made with ❤️ in USA France India Germany