In the second half of 2024, Mimecast processed more than 90 billion data points for over 42,000 customers, during the six-month period from July to December.

• 5 billion threats detected: Attackers are targeting core communication channels such as emails and cloud platforms.

1. 68% of breaches linked to human error: Most breaches involve non-malicious employee mistakes, emphasising the ongoing need for tailored cybersecurity training.

1. 12% AI-written emails: Attackers are utilising AI-driven tools to enhance phishing attempts and other malicious activities.

Cybersecurity threats are becoming increasingly advanced, with attackers leveraging new tools and strategies to infiltrate organisations. To stay protected, businesses need insights into these evolving tactics. Mimecast’s H2 2024 Global Threat Intelligence Report is a valuable resource for understanding today’s threat landscape. With over 5 billion threats detected, the report sheds light on the following critical trends and offers actionable recommendations for safeguarding organisations:

1. Living Off Trusted Services
   The report highlights a concerning trend of cybercriminals using trusted platforms like Microsoft and Google to evade defenses and distribute malware or phishing attacks — an approach known as “Living Off Trusted Services” (LOTS). This evolution signals the need for robust security measures that go beyond traditional defenses.
2. Malware and ransomware surge
   Malware detection in Sub-Saharan Africa surged by 42% in December 2024, significantly higher than same period in the previous year. The surge was largely driven by political instability and increased online shopping. Additionally, the region is witnessing a rise in ransomware attacks, which are becoming more opportunistic, often exploiting vulnerabilities and delivered as secondary infections.
3. Industry focused attacks

Certain sectors faced higher cyber-attack risks, with cyber actors targeting industries in various ways. The arts, entertainment, and recreation sector were primarily attacked through malicious file attachments, while media and publishing companies fell victim to embedded malicious links. Legal firms faced a surge in impersonation attacks, and software and SaaS providers were impacted by deceptive impersonation attempts. These diverse attack patterns highlight the importance of tailoring cybersecurity defenses to address an organisation’s specific threat profile.

1. Geopolitics driving cybercrime
   Geopolitical tensions are fueling cybercrime, as nation-state sponsored attacks and politically motivated intrusions become more frequent. Examples include:

• U.S. infrastructure targeted by China’s cyber espionage

1. Russia-Ukraine war fueling cyber activities on both sides with potential spill over to other areas

1. Iran-Israel tensions escalating attacks further

Businesses operating in adjacent regions and industries need heightened awareness and preventive measures to avoid collateral damage.

1. 68% of breaches involve a human element
   Human error remains a challenge, with 68% of breaches involving a human element. Employees click phishing links, fall for deepfake scams, or mistype sensitive information, leading to vulnerabilities. According to the Verizon Data Breach Investigations Report, 2024, 34% of employees fear they might cause a breach despite growing awareness. This highlights the necessity of regular training programs aimed at minimising risks through education and vigilance.
2. AI’s dual role in cybersecurity
   Artificial intelligence is reshaping both attack and defense strategies in cybersecurity. While defenders use AI to detect threats and anomalies in real time, attackers are also turning to AI tools for:

• Writing grammatically impeccable phishing emails
• Creating deepfakes to exploit trust
• Automating large-scale cyber operations

Organisations must integrate advanced AI defenses to match the sophistication of AI-powered threats.

Stay ahead of threats with essential cybersecurity strategies
To protect against these threats, businesses should adopt the following strategies:

1. Implement advanced AI solutions: Use AI to enhance detection, response, and threat mitigation systems.

1. Strengthen authentication measures: Technologies like SPF, DKIM, and DMARC remain critical for defense against impersonation attacks.

1. Regular employee training: Consistent education on identifying phishing emails and malicious links can significantly reduce human error.

1. Vet third-party vendors: Assess the cybersecurity practices of vendors to mitigate risks from potential entry points.

The cybersecurity landscape is constantly shifting, with AI, geopolitics, and human risk among the driving forces behind today’s most pressing threats.

Mimecast’s H2 2024 Global Threat Intelligence Report offers a comprehensive view of these challenges and provides actionable insights to help organisations build resilience. Read the report now and take the next step toward securing your digital environment.