The year is still young, but the number of cyberattacks on businesses and institutions since January 2024 is already significant.
Last year, hackers stole data from major organisations including the BBC, the Royal Mail and the United States Department of Energy. According to a UK government survey, half of all businesses in the country were victims of some form of cyberattack in 2023. And the pace does not seem to be slowing down: in the past five months alone, victims of major cyberattacks include NHS Scotland and the French government.
All eyes are on the Paris 2024 Olympics which will take place in the French capital later this year, and are expected to face an “unprecedented challenge in terms of cybersecurity,” the director of the French Cybersecurity Agency (ANSSI) told reporters.
Tech Monitor has gathered the five biggest cyberattacks of 2024 as of May 2024.
What were the biggest cyberattacks of 2024 so far?
French State DDoS attack
In March, several French state services were targeted by a cyberattack that Prime Minister Gabriel Attal’s office described as a breach of “unprecedented intensity”. During almost an entire day, over 300 web domains and 177,000 IP addresses associated with the government were impacted, including severe disruptions to major public service websites. The incident was a denial-of-service (DDoS) attack, meaning hackers made websites unavailable by overwhelming the systems with information.
Hacker group Anonymous Sudan has claimed responsibility for the cyberattack. The group is known for carrying out DDoS attacks and claims to be based in Sudan and to target “anti-Muslim activity”. However, experts have voiced suspicions that Anonymous Sudan could be sympathetic to Russia.
Change Healthcare ransomware attack
Change Healthcare, the biggest operator of health payment processing in the US and a subsidiary of healthcare giant UnitedHealth was hit by a massive cyberattack in February 2024. For several weeks, healthcare staff in practices across the US were not able to receive payments from patients. CBS News reported that several healthcare providers lost up to $100 million per day in what it referred to as the “biggest ever cybersecurity attack on the American healthcare system”. Ongoing investigations will establish whether data containing patients’ personal information was stolen.
The Russia-based ransomware group ALPHV/BlackCat, one of the most prolific worldwide, claimed responsibility for the incident.
UnitedHealth’s April earning report noted that $872 million were spent on “unfavourable cyberattacks effects,” and the corporation’s CEO Andrew Witty later confirmed that an additional $22 million ransom was paid to the hacker group. The company said it expects the cyberattack to cost $1.6 billion this year.
At the time of writing, UnitedHealth is under scrutiny by U.S. lawmakers and the Biden administration, while they investigate the company’s handling of patient data and cybersecurity systems. During a congressional hearing on May 1, a senator told Witty that “this hack could have been stopped with cybersecurity 101” after it was found that the company’s server lacked multifactor authentication.
UK Ministry of Defence payroll hack
In early May 2024, the British government discovered that the payroll system of the UK armed forces had been hacked. The incident resulted in the personal data of nearly 270,000 current and former staff being exposed, including identities, bank details, and in some cases even national insurance details and addresses.
At the time of writing, there is no evidence that any stolen information was exploited. The attack had reportedly been going on for some weeks before it was discovered, and while the scale of the incident is massive, Prime Minister Rishi Sunak said that “the Ministry of Defence has already taken the action of removing the network offline and making sure that people affected are supported in the right way”.
The attack targeted SSCL, the private contractor responsible for managing the payroll system, but remains a “very significant matter”, the Work and Pensions Secretary Mel Stride told Sky News.
“The government will not name the country involved [in the cyberattack], but Sky News understands this to be China,” the platform reported. Only weeks before the breach was discovered, UK ministers accused China of illegally accessing the names and addresses of millions of people through an attack on voting registers. The Chinese foreign ministry denied the accusations.
NHS Scotland ransomware attack
In March, Inc Ransomware Group, a hacker group known for targeting public services, attacked the Scottish NHS Dumfries and Galloway. After publishing a small portion of the data as proof of the hack, the group threatened to publish 3 terabytes of stolen information. Two weeks later, Inc Ransomware Group followed through by publishing a massive quantity of sensitive healthcare-related patient and staff details including children’s mental health data on the dark web. According to the BBC, the published data includes clinical information on “thousands of patients” and “financial data on staff”.
The health board’s chief executive Julie White said the data release is an “utterly abhorrent criminal act”.
At the time of writing, the National Cyber Security Centre (NCSC), among other organisations, urges people potentially affected by the attack not to panic as it is working towards containing the leaks.
CVS IT systems hack
CVS, one of the biggest vet groups in the UK, was hit by a cyberattack in April which saw hackers gain access to its IT systems. The specific nature of the breached data was not disclosed, but CVS said in a statement that there was a “risk of malicious access to personal information”. As a response to the incident, the vet group had to take its IT systems offline, causing “considerable operational disruption” for a week.
The attack also prompted CVS to accelerate its plans to move all the IT infrastructure related to its practice management system to the cloud.