BotNet News

Cyberthreat News

The UK leads the fight against serious and organised crime online. Ransomware continues to be the most significant threat as attackers target critical national infrastructure, disrupting business operations and public services. This is exacerbated by the availability of tools and compromised data on online marketplaces to enable cyber criminals.

Whether it’s stealing credit card details and passwords or disrupting systems with denial of service attacks, cyberattackers are constantly improving their tactics to increase the impact and stealth of their attack. In 2024, attacks were larger in scale and more sophisticated than ever before.

Zero-day exploits, flaws that are utilised before vendors release patches, were central to many high profile attacks. Vulnerability exploitation was linked to 20% of breaches in the Verizon DBIR, placing it alongside stolen credentials and ahead of phishing as breach vectors. This leaves defenders with little time to patch or mitigate exposures, with most attacks occurring within 24 hours of the vulnerability being publicly disclosed.

Threat actors continue to exploit complex supply chains, leveraging interconnectivity between businesses and their partners to steal sensitive data or deliver malware. This was demonstrated in the case of a 2024 ransomware attack on loanDepot, where a compromised third-party supplier was used to send a modified version of the AllaKore RAT and SystemBC backdoor to the target. This enabled the attackers to extort a ransom payment by threatening to make stolen data searchable or by attacking the victim with a distributed denial of service (DDoS) attack.