Use these patterns to your advantage, by integrating the stories into upcoming conversations and workshops. Employees will have an easier time paying attention and learning from training when they already know the examples involved. 

The biggest attack 

The Mother of All Breaches (MOAB)

The “Mother of All Breaches” (MOAB) hit the cyber security world like a tsunami in early 2024. This attack, one of the largest in history, targeted a conglomerate of social media giants and financial institutions, leading to the exposure of billions of records. 

Cyber professionals discovered early on that the leak came after a firewall failure by Leak Lookup, a data leak search engine company.

Your takeaways

The MOAB demonstrated that even the most secure organizations could fall victim to targeted attacks. Check-in with your executives, do they believe that your organization is “too big” or “too sophisticated” to fall victim to a firewall attack? Use this as proof of how any organization can be affected. 

Also, note that this all occurred because of a firewall failure. As a security manager, use this as an opportunity to learn from someone else, and administer a check on your firewalls to ensure that they are working properly.

The top Canadian attack

London Drugs cyber attack

London Drugs, a major Canadian pharmacy chain, was hit by a ransomware attack in April 2024. The attackers encrypted the company’s data and demanded a hefty ransom for the decryption key. 

The attack forced London Drugs to temporarily close stores and disrupt online services, leaving thousands of customers without access to prescriptions for over a week’s time. While the company did not disclose whether the ransom was paid, the incident highlighted the growing threat of ransomware in the retail sector.

Your takeaways

When was the last time you checked in on your team’s emergency breach response plan? What about sharing it with the rest of your team? Now is the perfect time to perform a review of what your security team – and the rest of your organization – should do if a breach should occur. 

Consider hosting a table-top exercise of a shutdown, creating Breach Plan Handouts for all employees to keep, and hosting a review of your breach plan. 

Most importantly, think of what your company would do if all servers had to go offline. Do your marketing, finance, and operation teams know their procedures? The London Drugs breach showed why this is a key component of your breach recovery plan. 

The cross-border shutdown

The CDK Global cyber attack

CDK Global, a major provider of technology solutions to the automotive industry, experienced a devastating cyber attack in the first half of 2024. The breach disrupted operations across multiple automotive dealerships across North America, causing significant financial losses and operational delays for American and Canadian companies. 

A client lawsuit states the cause was partly because of a lack of cyber security training for employees. 

Your takeaways

Train your employees. At every level of seniority, in every department, and at any age. CDK Global specialized in cyber security solutions, but yet a lack of cyber security training led to a massive breach causing them reputation and financial damage. 

Check-in on your IT and security team. When was the last time they completed their training? What were their biggest vulnerabilities?

The biggest trend

Healthcare attacks

Healthcare organizations continue to be prime targets for cyber criminals, with 2024 seeing a significant increase in attacks on hospitals, clinics, and healthcare providers. The latest attack targetted McLaren Healthcare, echoing familiar disruptions of cancelled surgeries and slow patient intake.

These attacks range from ransomware to data breaches, often resulting in the theft of sensitive patient information. The increased reliance on digital health records and connected devices has made the sector particularly vulnerable.

Your takeaways

Let this be your reminder that scammers take no mercy! They don’t care if you are housing thousands of sick patients, waiting for life-saving surgeries. They don’t care if you just started your business and are putting your life savings into it. They just want your money and information. 

So, no matter the stage, purpose, or profit of your business, invest in cyber security. Breaches can happen to anyone. 

The cyber attack that wasn’t 

The Crowdstrike shutdown

The CrowdStrike outage in July 2024 created widespread confusion and led to speculation about a possible cyberattack. However, it was later revealed that the disruption was caused by an internal software update error rather than an external attack. 

Despite this, the chaos that ensued was leveraged by cyber criminals who initiated phishing campaigns, fake support sites, and other scams targeting businesses and individuals affected by the outage.

Your takeaways

During any busy, unexpected, or stressful times at your company, you need to be alert. And so do your employees. Cyber criminals prey on businesses during times like this. They know individuals will act faster and without thinking if their mind is elsewhere. Let this inspire you to send out messages during stressful external or internal times (Hello, elections!), reminding your employees to take extra precautions around scams. 

The cyber security landscape in 2024 has been marked by significant incidents that serve as stark reminders for your organization. By examining these events and understanding the lessons they offer, security managers can strengthen their defences, enhance their preparedness, and better protect their business and team members against future threats. 

Whether it’s the largest breach in history or the exploitation of a simple software error, every incident holds valuable insights that can help us navigate the complex world of cyber security. See you at the end of 2024 for another recap!