1、Global Cyber Threat Intelligence(CTI)Annual Cyberthreat Trends Report-2024March 2025|Copyright 2025 Deloitte Development LLC.All rights reserved.12Executive overviewHigh-level presentation of top threat actors,threat vectors,incidents,and overall assessmentCross-industry threat vectorsTrending and e

2、merging high-level threat vectors3Cross-industry initial access techniquesThe top four trending initial access techniques affecting multiple industry verticals 4Threat vector highlights Spotlight on the ransomware threat landscape and underground(dark web)trends5Summary of dataSummary of cybersecuri

3、ty events by type,threat actor type,and targeted industry as observed by Deloitte CTITable of contents26Threat actorsHigh-level overview of categories,heatmap,and trending and emerging threat actors with a global impact|Copyright 2025 Deloitte Development LLC.All rights reserved.The following report

4、 highlights overarching cyber trends and emerging issues from January 1 to December 31,2024.Executive overview|Cyberthreat trends 2024HighlightsRansomware continued to be the top threat vector for the year.The RaaS model facilitates the easy creation of new groups.Affiliates are not tied to one grou

5、p,making attack attribution more challenging than in previous years.Due to its effectiveness,social engineering continued to trend as an initial access technique for cybercriminals.The exploitation of human behavior and mistakes is again rising as technical protections are increasingly effective.In

6、2024,Deloitte CTI observed a shift from brute-force attacks to using deliberately stolen username and password combinations to authenticate on corporate virtual private networks(VPNs).Deloitte IR teams noted on multiple occasions that threat actors used subscription-based cloud services,shifting awa