H2 2024 Cyber Threat Intelligence Report: Key Takeaways for Security Leaders

In a recent Critical Start webinar, cyber threat intelligence experts shared key findings from the H2 2024 Cyber Threat Intelligence Report. The presentation revealed escalating cyber threats across industries, identified emerging ransomware groups, and outlined the defensive strategies organizations need to strengthen their security posture.

Industries Facing the Most Cyber Threats

The report identified five industries that saw the highest attack volumes in H2 2024:

Professional Services (17%)
Banking and Finance (14%)
Manufacturing (13%)
Retail (9%)
Technology and Software (6%)

According to Alex Dufault, Cyber Threat Intelligence Analyst at Critical Start, “cyberattacks on the professional services industry increased by 20.8% in the second half of 2024.”

This sector remains a primary target due to its handling of sensitive client data, which attackers exploit through ransomware, dark web sales, and identity-based crime.

The Rapid Rise of Ransomware Groups

Ransomware groups continue to grow, with some emerging as dominant threats. As Dufault explains, “Ransom Hub was our runner-up or more of an emerging threat actor in the first half of 2024. So they went from there… all the way to our #1 threat actor. And I think it’s important to highlight because it shows us how quick these groups can emerge, they can adapt, and how quick they can create effects across the cyber landscape.”

The top five ransomware groups identified in the report are:

Ransom Hub
Akira
Play
Kill Security (Kill SEC)
Meow

Spotlight on Ransom Hub

Ransom Hub’s rise highlights how quickly ransomware operations can scale. The group primarily targets high-value industries, including:

Professional Services (13.84%)
Engineering and Construction (13.5%)
Manufacturing (11.49%)

Ransom Hub operates as a ransomware-as-a-service (RaaS) group, meaning its tools and tactics can be deployed by a range of cybercriminal affiliates, further increasing its reach.

How MDR Strengthens Cyber Defenses

Modern cyber threats demand an MDR strategy that delivers real-time visibility, proactive detection, and expert-led response. Critical Start’s human-lead MDR services provide:

24×7 Monitoring & Response – Security experts investigate and resolve threats across IT and OT environments
Complete Signal Coverage – Identifies gaps across endpoints, SIEM detection, and vulnerability scanning
Proactive Threat Detection – Prevents log ingestion failures and eliminates security blind spots

Emerging Cybersecurity Concerns for 2025

The H2 2024 report highlights key cybersecurity concerns that will impact organizations in 2025 and beyond:

AI-Driven Threats
- Attackers leverage AI to automate phishing, develop malware that evades detection, and exploit vulnerabilities faster than ever. As Dufault warns, “AI-driven malware is going to dynamically modify its code to avoid detection, which is going to bypass traditional signature-based defenses.”
Nation-State Targeting
- State-sponsored attacks are increasing, with cybercriminals targeting critical infrastructure, intellectual property in emerging tech sectors, and financially motivated attacks on cryptocurrency markets.
Quantum Computing Risks
- The “steal now, decrypt later” strategy is becoming a major concern, where attackers exfiltrate encrypted data today, anticipating that future quantum computing advancements will allow them to decrypt it.

Taking Action Against Cyber Threats

Cybercriminals are expanding their attack methods, making it critical for organizations to deploy security strategies that adapt in real time. MDR is key to: