According to Cisco Talos' 2024 Year in Review: Identity-based attacks emerged as a dominant threat
Ransomware actors increasingly exploited valid credentials, with nearly 70% of incidents leveraging legitimate accounts for initial access.
The education sector was the most targeted industry, as institutions faced challenges with cybersecurity budgets and broad attack surfaces.
Dubai, UAE: Cisco Talos, one of the world's most trusted threat intelligence teams, has released its annual report, ' Cisco Talos 2024 Year in Review ', sharing strategic insights into the evolving cybersecurity global landscape. The report, based on telemetry from over 46 million global devices across 193 countries and regions, including the Middle East, analyzes the most significant trends in threat actor behavior, including identity attacks, ransomware, network vulnerabilities, and the role of artificial intelligence (AI) in cyber threats.
The findings reveal that in 2024, threat actors prioritized stealth and efficiency, leveraging simpler techniques rather than custom malware or zero-day vulnerabilities. Notably, identity-based attacks emerged as the dominant threat vector, while ransomware incidents increasingly exploited valid credentials to gain access.
Commenting on the report's findings, Fady Younes, Managing Director for Cybersecurity at Cisco Middle East, Africa, Türkiye, Romania and CIS, stated: 'The findings from Cisco Talos' 2024 Year in Review highlight the critical need for a solid cybersecurity foundation. Cybercriminals are continually taking advantage of security gaps, demonstrating the essential nature of a proactive, identity-focused defense strategy. And with the emergence of remote and hybrid working models, implementing a Zero-Trust Network Access (ZTNA) strategy is key to ensure that the correct security controls are in place while enhancing end-user experience. By staying aware of these evolving tactics, organizations can reinforce their security measures and more effectively shield themselves from new and emerging threats."
To strengthen cybersecurity and protect against emerging threats, Cisco Talos shares five key recommendations: promptly install updates and patches, enforce strong authentication methods, implement best practices such as strict access controls, network segmentation, and employee training, encrypt all traffic for secure monitoring and configuration, and apply all security measures across the network infrastructure. By adopting these practices, organizations can build a more resilient security posture.
Top threats observed in 2024 include:
Identity-based attacks: These attacks accounted for 60% of all Cisco Talos Incident Response (IR) cases, with Active Directory identified as a prime target, representing 44% of such incidents. Additionally, 20% of identity-based compromises affected cloud applications, with APIs being particularly attractive due to their access to sensitive data.
Ransomware tactics: Last year, ransomware attacks continued to impact organizations globally, with attackers using valid accounts for initial access in nearly 70% of cases. Many ransomware operators successfully disabled security solutions, while the education sector was the most targeted industry due to budget constraints and extensive attack surfaces. Additionally, LockBit remained the most active ransomware-as-a-service (RaaS) group for the third consecutive year, despite increased law enforcement efforts.
Exploitation of Network Vulnerabilities: A major concern in 2024 was the persistent exploitation of older vulnerabilities, particularly those affecting widely used software and hardware. Many of the top-targeted network vulnerabilities impacted end-of-life (EOL) devices that no longer receive patches yet remain actively targeted by cybercriminals. The most frequently targeted vulnerabilities were older CVEs that have been public for several years.
Multi-Factor Authentication (MFA) Abuse: Multi-factor authentication (MFA) abuse was another prevalent attack vector during the year. Based on Cisco Duo data, identity and access management (IAM) applications were the most frequently targeted in MFA attacks, accounting for nearly a quarter of related incidents. This highlights the critical need for robust MFA implementations and vigilant monitoring of IAM systems.
AI-Refined Cyber Threats: Despite industry speculation regarding AI-driven cyber threats, the report found that threat actors primarily used AI to refine existing techniques. Enhancements in social engineering tactics and task automation were the primary applications of AI, rather than the development of entirely new methods of attack.
Cisco Talos' 2024 Year in Review provides valuable insights for cybersecurity professionals and organizations looking to enhance their defense strategies. By identifying key trends and offering actionable recommendations, the report serves as a critical resource for mitigating emerging cyber threats. For more information, please visit https://talosintelligence.com/
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Zawya
04-08-2025
- Zawya
American University of Bahrain and Cisco forge strategic partnership to advance technical education
Manama: The American University of Bahrain (AUBH) signed a strategic Memorandum of Understanding (MoU) with Cisco, a global leader in networking and information technology, to expand the reach of the Cisco Networking Academy Program (NetAcad) in Bahrain. This collaboration is tailored to provide students with advanced training in computer networks and next-generation technologies, in alignment with the dynamic competencies. Under the terms of the agreement, Cisco's globally accredited curriculum will be seamlessly integrated into the academic programmes at the American University of Bahrain, thereby enhancing students' digital fluency and reinforcing their readiness for future employment. Beyond curricular enrichment, the partnership establishes a framework for expanded institutional cooperation focused on the continuous development of pedagogical methodologies and academic infrastructure. A key element of this initiative includes the professional development of AUBH faculty members through targeted training programmes aimed at ensuring the effective and innovative delivery of the integrated content. Moreover, the agreement gives AUBH students unrestricted access to Cisco's comprehensive suite of instructional resources, digital learning tools, and the full breadth of the Networking Academy (NetAcad) platform. It also promotes joint research endeavours and facilitates engagement with Cisco's latest technological advancements, reinforcing the university's commitment to fostering a technologically empowered academic environment. Dr. Wafa Almansoori Interim President and Provost of the American University of Bahrain, commented, 'This agreement with Cisco marks a milestone in our strategic efforts to enrich technical education in Bahrain's higher education sector. It signals a transformative move towards innovative learning models that align with the digital era and contribute meaningfully to the Kingdom's long-term development goals as outlined in Bahrain's Vision 2030.' Dr. Almansoori further added, 'This partnership presents a pivotal opportunity to position our students at the forefront of transformative disciplines such as computer networking, artificial intelligence, and cybersecurity—fields that constitute the backbone of the global digital economy. By embedding Cisco's internationally accredited curriculum within our academic framework, we are delivering an education that is not only rigorous and globally benchmarked, but also acutely aligned with the practical and strategic demands of the modern workforce. This initiative exemplifies our institutional commitment to cultivating graduates equipped with the advanced technical competencies and critical thinking skills required to lead innovation and actively contribute to Bahrain's national digital transformation agenda.'
Tahawul Tech
30-07-2025
- Tahawul Tech
'Security is embedded at every layer with our solutions'
Mohamad Sabra, Regional Director SMB – Middle East, Africa, Türkiye, Romania & CIS, Cisco and Renton D'Souza, Vice President, Comstor MEA took a moment to speak about their respective views on how SMB solutions help businesses overcome challenges and enjoy the benefits of digital transformation and cloud adoption. Answered by Mohamad Sabra Q: What are the main challenges SMBs face in today's digital landscape Small and medium-sized businesses (SMBs) are the backbone of local economies, driving innovation, job creation, and community growth. Yet, as the digital landscape evolves at unprecedented speed, SMBs face a unique set of challenges that demand strategic focus, adaptability, and resilience. They need to adopt technology to build and run a digital business, but typically lack the human and financial resources to create and manage their own IT infrastructure. Specifically, SMBs face challenges in cybersecurity, technology integration, remote and hybrid work complexities, as well as cloud adoption, Q: How do Cisco's SMB solutions empower small and medium businesses to thrive in today's digital-first world, and what sets Cisco apart from other providers in this space? Cisco's SMB solutions are designed to help small and medium businesses build the foundation needed to compete and grow in a rapidly evolving market. Our approach combines cloud-managed networking, built-in security, and seamless collaboration tools that are easy to deploy and manage, even for organisations with limited IT resources. What sets Cisco apart is our ability to deliver enterprise-grade technology in a simplified, cost-effective solution tailored for SMBs. For example, our cloud-managed Meraki platform allows businesses to control their entire network from an intuitive dashboard, enabling remote management, automatic updates, and real-time analytics—features that traditionally required large IT teams. Security is embedded at every layer, with solutions such as firewalls, intrusion prevention, and zero-trust access controls to protect sensitive data without sacrificing usability. For collaboration, tools like Webex keep distributed teams connected and productive, whether they're in the office or working remotely. Finally, Cisco offers award-winning support and a broad ecosystem of partners to ensure SMBs have the guidance and resources they need at every stage of their digital transformation. Our goal is to make advanced technology accessible, so SMBs can focus on what matters most – growing their business. Answered by Renton D'Souza Q: How does Comstor support partners in delivering Cisco SMB solutions to the market? Comstor acts as a strategic distributor and advisor for partners, providing enablement, training, and access to Cisco's full SMB portfolio. Recent initiatives include launching a white-labelled Managed SOC (Security Operations Centre) built on Cisco's XDR platform, allowing partners to offer advanced cybersecurity services under their own brand, supported by 24/7 monitoring and expert guidance. This approach reduces partners' operational burdens and accelerates their entry into the cybersecurity services market. Q: How are Cisco and Comstor enabling SMBs to benefit from digital transformation and cloud adoption? Cisco and Comstor help SMBs embrace digital transformation by providing cloud-native, automated networking and security solutions that scale as the business grows. Comstor's partner support includes guidance on cloud migration, access to training, and technical enablement. Cisco's solutions allow SMBs to control their networks from anywhere, streamline operations, and adopt hybrid work models securely and efficiently. Image Credit: Comstor & Cisco
Tahawul Tech
29-07-2025
- Tahawul Tech
Global study by Cisco shows that hyper-personalisation is mission-critical for CX
Cisco has unveiled the findings of its global study on CX, which showed that AI, hyper-personalisation and proactive engagements are going to be key for enterprises looking to ensure that they continue to deliver first-class CX for their customers. Advancements in artificial intelligence, hyper-personalisation, rich communication services, and unified data are expected to enhance customer loyalty and address rising expectations in the Middle East and beyond. For many organisations, delivering an outstanding CX remains a challenge; a global study conducted by Cisco showed that many customers feel let down by the experiences they receive from brands. Only 25% of customers globally said they were very satisfied with their last service engagement—and 94% have abandoned interactions due to poor experiences. To meet growing customer expectations, businesses in the Middle East are leveraging AI, data analytics, and integrated platforms to improve efficiency, drive customer satisfaction, and support sustainable growth. Ahmad Zureiki, Director of Collaboration Business, Cisco Middle East and Africa, commented: 'As customer experience leaders evaluate their investments, it is important to anticipate what's around the corner, assessing how future developments may impact CX strategy and execution. Leaders in CX are approaching AI technology with a clear, strategic focus – one that prioritises customer impact, agent empowerment, and operational efficiency. The widespread adoption of AI will enhance customer experiences and redefine engagement benchmarks, solidifying its role as a vital component of customer service in the region.' AI agents will revolutionise self-service AI agents will redefine self-service by enabling more intelligent, human-like interactions across voice and digital channels. Unlike traditional virtual assistants, these advanced AI-driven agents will engage customers in natural conversations. They ensure faster and more effective resolutions, while freeing human representatives to handle complex or high-value cases. Brands will increasingly tailor these kinds of agents to reflect their unique values, creating more authentic and emotionally resonant experiences. Additionally, the rise of low-code and no-code tools will make AI more accessible, allowing non-technical employees to deploy and refine artificial intelligence solutions easily. With AI adoption accelerating, leading companies are already leveraging AI agents at a significantly higher rate than their competitors, emphasising its role in shaping superior customer experiences. In fact, Cisco's global study showed that 79% of 'CX Leaders' (companies with the highest business performance) have an AI virtual agent, whereas 7% of 'CX Laggards do' (companies typically slower to adopt new ideas, technologies, or trends). Hyper-personalisation will become mission critical for CX AI will revolutionise personalisation by helping organisations extract valuable insights from customer data to anticipate needs, tailor experiences, and drive upsell opportunities. Businesses will leverage AI to create hyper-personalised journeys that seamlessly transition between automated and human-assisted interactions, enhancing CX and fostering long-term loyalty. A key element of this transformation is proactive communication. Brands that engage customers with timely, automated messages will reduce friction, resolve issues before they arise, and strengthen relationships. As AI adoption grows, these proactive, personalized experiences will set new customer expectations, with CX leaders already leveraging AI at a significantly higher rate than their competitors. It is notable that 61% of CX Leaders deliver proactive communications using AI. Rich Communication Services (RCS) adoption will skyrocket Rich Communication Services (RCS) will see a surge in adoption as its support on both iPhone and Android expands its global reach. With its ability to deliver rich media, interactive messaging, and two-way engagement, RCS is poised to become the industry standard for business communication. Brands will leverage its advanced features for promotions, reminders, and seamless interactions while benefiting from improved security through end-to-end encryption and verified sender profiles. As businesses recognize its value, RCS will play a crucial role in building customer trust and elevating digital engagement. CX data will have to become unified Unifying customer data will be essential for delivering AI-driven, hyper-personalised experiences across multiple channels, including RCS. While large organisations face challenges in consolidating data from disparate sources, achieving a holistic customer view will be fundamental to optimizing CX. By integrating data from various systems, businesses will empower AI and human agents with real-time insights, enabling faster resolutions and more seamless interactions. Moreover, a comprehensive understanding of customer needs will maximize AI's potential, allowing brands to anticipate issues, proactively engage customers, and provide trust. With unified data, organisations can identify trends, reduce friction points, and refine experiences at every touchpoint. As the CX landscape and customer expectations continue to evolve, Webex by Cisco is helping to bridge the digital divide with an AI-powered, self-learning contact center that delivers unmatched self-service, empowers agents with essential tools, and connects data to drive real business results. By equipping agents with real-time insights, journey data, and context for each customer, organisations can strive to not only meet but exceed expectations, delivering the best experience, every time.
