2024: If You Don’t Laugh, You’ll Cry

Welcome to our year-end review for 2024! We just knew this year was going to be a doozy, and it lived up to the hype.

Let’s take a quick look back at some of the biggest cybersecurity stories of the year. Then soothe ourselves with some of the best IT and security memes. We celebrate all of our colleagues and customers in cybersecurity, and hope you enjoy these yearly meme roundups as much as we do.

Generative AI Went Mainstream

Advances in AI elevated the risk of virtual privacy infringement. We remain especially concerned about this when it comes to kids’ images online.

Cheap deepfake technology has also lowered the barrier to entry for scammers. It’s especially prevalent in the hiring and job search process and in financial services fraud.

The launch of ChatGPT in late 2022 ushered in a dramatic rise in phishing attacks. Data released in June of this year showed that since ChatGPT became available to the public, there has been a staggering 4,151% increase in phishing attempts.

However, it’s not all bad news when it comes to artificial intelligence. Security professionals are exploring ways to use AI as another tool in their arsenal against malicious actors.

Healthcare Hackers Went for Broke

February’s Change Healthcare ransomware attack highlighted the risks of consolidating critical mechanisms of our healthcare system into one behemoth organization. Change Healthcare, which is owned by UnitedHealth Group, processes about $1.5 trillion in health claims each year (about one-third of all health spending in the U.S.). A breach at Change Healthcare took its clearinghouse services down for almost nine months. The attack cost Change’s parent company around $872 million, including a $22 million ransom that yielded no return of data.

In early May, Ascension Health was hit by a ransomware attack that posed a direct and ongoing threat to patients at the system’s 142 hospitals and 84 pharmacies. Multiple critical systems, including electronic health records, MyChart (a patient communication utility), and various medication and test ordering systems were forced offline. Patients had to be diverted to different facilities for emergency care, and staff were forced to use paper, faxes, and personal texts for medical orders, labs, imaging, and prescriptions.

Along with the Change Healthcare breach, the Ascension attack underscores the urgent need for enhanced cybersecurity measures within healthcare businesses.

CrowdStrike

The CrowdStrike event may have been the largest IT outage in history to date. On July 19, CrowdStrike released an update to its Falcon platform. The flawed update to Falcon sensor version 7.11 caused the platform to crash, bringing the Microsoft operating systems of millions of computers down with it.

While only 1% of worldwide systems were affected, they were the 1% running some of the world’s most critical and time-sensitive operations, including airlines, public transit, financial services, and healthcare systems. The outage caused an estimated $5.4 billion in direct losses for Fortune 500 companies.

The event highlighted the need for business continuity plans across all companies in every industry.

Mother Nature

Natural disasters took their toll in 2024 as well. Hurricane Helene impacted every type of business, particularly in the flooded zones of Tennessee and North Carolina.

A hospital in Unicoi County, Tennessee, is a total loss after the building was rapidly inundated, forcing over 50 staff and patients to the roof for evacuation. The town of Spruce Pine, North Carolina, is one of the world’s top sites for mining the high-purity quartz that is critical to the global semiconductor industry. The mine was forced to halt operations due to the storm and subsequent flooding.

Helene and other storms drive home the importance of developing and maintaining a disaster recovery plan for your organization.