Cert-IST 2025 report on attacks and vulnerabilities in 2024
Date : February 19, 2025
The aim of this report is to highlight the general tendencies and threat evolution to help the community to enhance their protections.
This document is available:
- In English: Cert-IST 2025 report on attacks and vulnerabilities in 2024
- In French: Bilan Cert-IST 2025 sur les failles et attaques de 2024
It begins with an analysis of the three most significant events of 2024:
- Olympic and Paralympic Games,
- CrowdStrike outage on 19 July 2024,
- Attacks on edge devices.
It then shows the overall trends observed for each attacker categories: state-sponsored, cybercrime and hacktivism.
The report continues with an analysis of specific points:
- Focus on the state-sponsored threat,
- Cloud attacks,
- Supply chain attacks,
- Growing need for binding legal liability on software vendors.
Image generated with https://worditout.com/
