Policy Watch
2024 Security Lessons: Resilience Against Russia-China Hacker Alliances
2024 brought heightened awareness to cybersecurity, with major lessons emphasizing proactive defense, cross-sector collaboration, and resiliency. Key insights from the year include the rise of zero-day exploits, the targeting of critical infrastructure, and a spotlight on supply chain vulnerabilities.
The year 2024 underscored the persistent and evolving nature of cyber threats, pushing organizations across the globe to rethink and strengthen their security postures. From sophisticated zero-day attacks to nation-state collaborations with cybercriminal groups, cybersecurity challenges reached new heights. Here’s a look at the most impactful lessons and developments of the year.
Surging Zero-Day Exploits
Zero-day vulnerabilities, which attackers exploit before defenders have discovered and patched them, saw a significant rise. According to research, 97 out of 138 vulnerabilities disclosed in 2023 were exploited as zero-days. This alarming trend continued into 2024, fueled by geopolitical tensions and state-sponsored hacking. China’s research into zero-day exploitation highlighted the global race for cyber dominance. Security experts stressed the importance of timely patching and proactive threat detection to mitigate these attacks.
Collaboration Between Nation-States and Cybercriminals
A troubling trend in 2024 was the deepening ties between nation-states and cybercriminal organizations. These partnerships allowed for simultaneous attacks, blending nation-state capabilities with the agility of profit-driven hackers. Groups like KillNet and LokiBot collaborated with Russian entities, while Chinese threat actors leveraged malware rings to advance their geopolitical agendas. This convergence blurred traditional lines between state-sponsored and independent cyberattacks.
Resiliency Planning in Focus
Ransomware attacks in 2024 highlighted the fragility of supply chains and business continuity. An attack on Ahold Delhaize, a major US grocery chain operator, disrupted operations across 2,000 stores. Meanwhile, a faulty software update from CrowdStrike led to widespread crashes, affecting 8.5 million devices. Experts emphasized the need for robust continuity strategies, including segmentation and disaster recovery plans, to minimize operational impact during crises.
Critical Infrastructure: A Prime Target
Critical infrastructure, from water systems to telecom networks, faced unprecedented attacks in 2024. In Kansas, a government-run water facility had to revert to manual operations after a cyberattack disrupted automated processes. These incidents exposed vulnerabilities in outdated operational technology (OT) systems, which often lack modern cybersecurity measures. Experts called for integrating IT and OT defenses, alongside advanced monitoring solutions.
Telecom Breaches and Eroding Trust
2024 ended with revelations about Salt Typhoon, a Chinese-linked cyber-espionage group, infiltrating telecom networks in multiple countries, including the US. Sensitive data, including call logs and text messages, was compromised at major providers like AT&T and Verizon. This breach reinforced the importance of securing telecom infrastructure as a national priority.
The Path Forward
As 2025 begins, the lessons of 2024 resonate across industries. Proactive defense, enhanced collaboration between sectors, and investment in resilience remain key pillars for combating increasingly sophisticated threats. The need for innovation in cybersecurity has never been greater, as the global digital landscape continues to evolve.