Cyberattacks Surge in 2024: Healthcare, SMBs, and Democracy Under Threat

In 2024, Orange Cyberdefense, a subsidiary of the French telecommunications giant Orange, reported a significant surge in cyberattacks targeting healthcare institutions, industrial enterprises, and small- to medium-sized businesses. These attacks predominantly aimed to extort ransoms and steal confidential information, including personal data. Additionally, incidents involving the manipulation of public perception through disinformation, fake news, and the promotion of specific political narratives via social media became increasingly prevalent against a backdrop of global geopolitical instability.

Key Insights from the Security Navigator Report

In its annual Security Navigator report, Orange Cyberdefense presented a comprehensive analysis of the prevailing cyber threat landscape. The study revealed that, in 2024, approximately 13,000 extortion-driven attacks were documented, with hospitals and healthcare facilities among the primary targets. This year, such attacks assumed an especially cynical character, impacting not only administrative systems but also critical functions directly tied to patient health and safety.

One of the most notable incidents was an attack on the South African National Health Laboratory Service, which left thousands of patients unable to access test results for weeks, delaying essential treatments and surgeries.

Vulnerability of Small and Medium Enterprises

Small businesses emerged as particularly vulnerable to cyberattacks in 2024. According to the report, ransomware attacks against small enterprises increased by 53%, while attacks on medium-sized businesses rose by 52% compared to the previous year. For the first time, such attacks were observed in developing nations, including Afghanistan, Djibouti, Uzbekistan, the Maldives, and Nepal.

Growth of Politically Motivated Attacks

Politically motivated cyberattacks aimed at manipulating public opinion and advancing specific narratives saw a marked increase in 2024. These operations often took the form of coordinated disinformation campaigns on social media and other digital platforms. Experts attribute the rise in politically charged hacker activity to escalating geopolitical tensions, suggesting that some groups may act on behalf of or at the behest of nation-states.

Orange Cyberdefense recorded 6,500 incidents involving disinformation campaigns, incitement of discord, and attempts to influence public consciousness. Particular attention was paid to activities on Telegram, where 3,214 unique political messages and 6,674 phishing and malicious campaigns were identified.

Threats to Electoral Processes

The report also highlighted an uptick in DDoS attacks targeting electronic voting systems, vote counting infrastructure, and campaign headquarters. These attacks sought to undermine the integrity of electoral processes and erode public trust.

Artificial Intelligence: A Double-Edged Sword

The report emphasized the dual role of generative artificial intelligence in modern cybersecurity. While such technologies have become instrumental in detecting threats more effectively, they are equally exploited by malicious actors to enhance their attacks, including phishing schemes and social engineering techniques.

Experts at Orange Cyberdefense underscored the pressing need for global coordination to counter emerging threats. Strengthening defense systems and adopting advanced monitoring and response technologies remain critical priorities in the ongoing fight against cybercrime.