Cybercriminals Exploit Trusted Services for Attacks
Cybercriminals increasingly exploit legitimate online services to mask their attacks, according to Mimecast’s Global Threat Intelligence Report (H2 2024). The report highlights a rise in phishing, ransomware, and nation-state-backed cyber operations across global cyber threats. Hackers are leveraging platforms like Microsoft’s OneDrive, Google Docs, and Dropbox to host malicious content, making detection more challenging for traditional security measures.
Mimecast detected over 5 billion cyber threats between July and December 2024 while analyzing 90 billion data points across its 42,000 customer networks. The findings indicate that email remains the primary attack vector in global cyber threats, with cloud-based collaboration tools also becoming significant cyber risk factors. You can get the report here. Our takeaways follow.
Rise in Nation-State Cyber Activity
Cyber warfare continues to escalate, with China, Russia, Iran, and Israel engaging in cyber espionage and infrastructure attacks as part of global cyber threats. Chinese hackers targeted U.S. and Canadian networks, while Iranian and Israeli cyber operations retaliated against one another. Russian hackers focused on European and U.S. entities, leveraging disinformation and ransomware campaigns.
Political instability worldwide is driving an increase in cyberattacks. The report notes that upcoming elections in France, Germany, and the U.S. have heightened geopolitical tensions, making government, media, and financial organizations prime cyber targets.
AI: A Double-Edged Sword in Cybersecurity
Artificial Intelligence (AI) is reshaping global cyber threats. Attackers are using AI-generated phishing emails, deepfake voice scams, and automated hacking tools to increase the sophistication and scale of cyberattacks. Mimecast found that 12% of phishing emails in 2024 showed signs of being AI-generated.
As many others have found, on the defensive side, AI also benefits cybersecurity professionals. AI-driven threat detection helps organizations respond faster, analyze security incidents more efficiently, and strengthen their cyber defenses. However, the rapid evolution of AI tools presents challenges and opportunities for cybersecurity teams.
Cloud Services: A Preferred Attack Platform
Cybercriminals are abusing cloud platforms to launch Living Off Trusted Services (LOTS) attacks, contributing to global cyber threats. Microsoft Outlook, Google’s Gmail, and cloud storage services like OneDrive, DocuSign, and Evernote are frequently exploited to host malware, phishing links, and fake login pages.
Mimecast found that attackers increasingly use services like Cloudflare’s Turnstile CAPTCHAs to block security analysis and rely on file-sharing platforms to distribute malicious payloads. Even reputable marketing tools like GetResponse were used in phishing campaigns.
Industry-Specific Cyber Threat Trends
The report identifies industries facing the highest cyber risks in 2024:
- Media & Publishing: High exposure to malicious links and phishing attacks.
- Entertainment & Recreation: The top sector targeted by malware-based attacks.
- Legal Services: A growing number of business email compromise (BEC) scams and impersonation frauds.
While phishing and malware attacks remain widespread, different industries face unique threat profiles tailored to their business operations and digital presence.
Major Cyber Incidents in 2024
Several high-profile cyber incidents shaped the threat landscape in late 2024:
- 10 Billion Passwords Leaked: The RockYou2024 database leak exposed nearly 10 billion passwords, leading to a surge in credential-stuffing attacks.
- U.S. Treasury Breach: Chinese state-sponsored hackers compromised a third-party security provider, exposing government workstations.
- Cryptocurrency Exchange Attacks: Hackers stole over $70 million from major Asian cryptocurrency platforms.
- Iranian Cyber Espionage: Iranian hackers used fake job recruitment websites to infiltrate aerospace and defense firms.
- Browser Extension Attacks: Cybercriminals compromised over 30 Chrome extensions, affecting millions of users worldwide.
Recommendations for Businesses
Mimecast offers key recommendations to help businesses defend against evolving cyber threats and global cyber threats:
- Strengthen Email Security: Enforce multi-factor authentication (MFA) and improve email filtering to block phishing attempts.
- Monitor Third-Party Vendors: Cybercriminals increasingly exploit software supply chains; organizations should audit their partners’ security measures.
- Train Employees on Cyber Risks: Human error remains the leading cause of breaches—cybersecurity training is essential.
- Adopt Zero-Trust Security Models: Network segmentation, endpoint monitoring, and real-time anomaly detection.
- Enhance AI Security Measures: Defenders must adopt AI-driven threat detection to counter increasingly automated cyberattacks.
The report warns that AI-powered cyber threats, geopolitical instability, and cloud service exploitation will continue to shape the global cyber threats landscape in 2025. As a result, organizations must proactively invest in threat intelligence, security automation, and human awareness programs to stay ahead of attackers.
Other News: 2024 Phishing Trends: How Employee Awareness Training Can Combat Rising Threats(Opens in a new browser tab)
