Deepwatch Annual Threat Report 2024

Keypoints

• Cybersecurity reports from major vendors typically consist of sections on recent threat observations, statistical analyses, threat techniques, attack trends, and expert recommendations, providing a structured overview of the current threat landscape.
• 2023 data revealed over 1.34 million detected MITRE ATT&CK techniques and 1.35 million detections, emphasizing the prevalence of tactics such as Valid Accounts, User Execution, and External Remote Services.
• Malware families like Cobalt Strike, Mimikatz, and QakBot were consistently the most reported, indicating their persistent role in cyber intrusion campaigns across multiple sectors.
• Attack techniques involving exploitation of internet-facing systems, critical vulnerabilities, and credential theft remained dominant, underscoring the need for proactive vulnerability management and strong access controls.
• Recent trends show a shift toward sophisticated malware, supply chain exploitation, abuse of legitimate services, and the integration of AI for malleable tool performance, all signaling increased complexity and stealth in cyber threats for 2024.
• The reports highlight recurring themes like the importance of continuous detection improvements, vulnerability patching, and employee training to defend against evolving adversary tactics.
• Forecasts predict a rise in AI-powered techniques for defense evasion, and the increasing use of legitimate internet services by cybercriminals, demanding adaptive cybersecurity strategies in the coming year.