Cisco Talos Report: The education sector the most targeted industry for cyberattacks in 2024
Unsurprisingly, identity-based attacks emerged as the most dominant threat, accounting for 60% of Cisco Talos incident response cases in 2024.
The report, based on telemetry from over 46 million global devices across 193 countries and regions, including the Middle East, analyses the most significant trends in threat actor behavior, including identity attacks, ransomware, network vulnerabilities, and the role of artificial intelligence (AI) in cyber threats.
The findings reveal that in 2024, threat actors prioritized stealth and efficiency, leveraging simpler techniques rather than custom malware or zero-day vulnerabilities. Notably, identity-based attacks emerged as the dominant threat vector, while ransomware incidents increasingly exploited valid credentials to gain access.
Commenting on the report's findings, Fady Younes, Managing Director for Cybersecurity at Cisco Middle East, Africa, Türkiye, Romania and CIS, stated: 'The findings from Cisco Talos' 2024 Year in Review highlight the critical need for a solid cybersecurity foundation. Cybercriminals are continually taking advantage of security gaps, demonstrating the essential nature of a proactive, identity-focused defense strategy. And with the emergence of remote and hybrid working models, implementing a Zero-Trust Network Access (ZTNA) strategy is key to ensure that the correct security controls are in place while enhancing end-user experience. By staying aware of these evolving tactics, organizations can reinforce their security measures and more effectively shield themselves from new and emerging threats.'
To strengthen cybersecurity and protect against emerging threats, Cisco Talos shares five key recommendations: promptly install updates and patches, enforce strong authentication methods, implement best practices such as strict access controls, network segmentation, and employee training, encrypt all traffic for secure monitoring and configuration, and apply all security measures across the network infrastructure.
By adopting these practices, organizations can build a more resilient security posture.
Top threats observed in 2024 include:
Identity-based attacks: These attacks accounted for 60% of all Cisco Talos Incident Response (IR) cases, with Active Directory identified as a prime target, representing 44% of such incidents. Additionally, 20% of identity-based compromises affected cloud applications, with APIs being particularly attractive due to their access to sensitive data.
Ransomware tactics: Last year, ransomware attacks continued to impact organizations globally, with attackers using valid accounts for initial access in nearly 70% of cases. Many ransomware operators successfully disabled security solutions, while the education sector was the most targeted industry due to budget constraints and extensive attack surfaces. Additionally, LockBit remained the most active ransomware-as-a-service (RaaS) group for the third consecutive year, despite increased law enforcement efforts.
Exploitation of Network Vulnerabilities: A major concern in 2024 was the persistent exploitation of older vulnerabilities, particularly those affecting widely used software and hardware. Many of the top-targeted network vulnerabilities impacted end-of-life (EOL) devices that no longer receive patches yet remain actively targeted by cybercriminals. The most frequently targeted vulnerabilities were older CVEs that have been public for several years.
Multi-Factor Authentication (MFA) Abuse: Multi-factor authentication (MFA) abuse was another prevalent attack vector during the year. Based on Cisco Duo data, identity and access management (IAM) applications were the most frequently targeted in MFA attacks, accounting for nearly a quarter of related incidents. This highlights the critical need for robust MFA implementations and vigilant monitoring of IAM systems.
AI-Refined Cyber Threats: Despite industry speculation regarding AI-driven cyber threats, the report found that threat actors primarily used AI to refine existing techniques. Enhancements in social engineering tactics and task automation were the primary applications of AI, rather than the development of entirely new methods of attack.
Cisco Talos' 2024 Year in Review provides valuable insights for cybersecurity professionals and organizations looking to enhance their defense strategies. By identifying key trends and offering actionable recommendations, the report serves as a critical resource for mitigating emerging cyber threats.
For more information, please visit https://talosintelligence.com/
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Arabian Post
21 hours ago
- Arabian Post
SonicWall Expands Cybersecurity Solutions with Refreshed Next-Generation Firewalls, Unified Management and Integrated ZTNA to Solidify Its Position as the MSP and MSSP Platform of Choice
SonicWall's latest release features built-in Zero Trust, embedded warranty, and co-managed services empowering partners to deliver scalable, smart security with simplicity and confidence SINGAPORE – Media OutReach Newswire – 14 August 2025 – SonicWall today introduced nine new firewalls as part of its Generation 8 portfolio, taking a pivotal step in delivering a cybersecurity platform purpose-built for Managed Service Providers (MSPs), Managed Security Service Providers (MSSPs), and the customers they serve. This announcement underscores SonicWall's commitment to delivering integrated cybersecurity solutions that address today's threat landscape from the endpoint to the local network to the cloud. The Generation 8 portfolio strengthens SonicWall's ability to deliver simplified, scalable, and affordable solutions, empowering partners to offer uncompromising, world-class security. SonicWall's latest firewalls combine advanced protection, intelligent cloud management, Zero Trust security, and expert-backed services for a single monthly price. ADVERTISEMENT 'We're not just delivering a new set of high-performance firewalls, we're preparing our partners and their customers for the latest threats and market requirements,' said Bob VanKirk, President and CEO of SonicWall. 'Our new firewall lineup is just one part of a broader, unified platform strategy. With SonicWall Unified Management, embedded ZTNA, the SonicSentry managed services team, and the industry's first built-in cyber warranty, we're helping partners shift from resellers to high-value security providers. This launch arms our partners with the tools they need to win more business and strengthen customer trust by providing market-leading cybersecurity protection.' More Than Firewalls: A Unified, MSP-Ready Cybersecurity Platform The Generation 8 refresh is part of SonicWall's integrated approach to deliver outcomes, not just infrastructure. SonicWall's platform combines hardware, software, managed services, flexible billing, and deep third-party integrations to help partners scale efficiently and protect customers at every edge. Key platform features include: SonicWall Unified Management – A single cloud console to manage firewalls, network policies, access controls, and accounts, reducing operational complexity. – A single cloud console to manage firewalls, network policies, access controls, and accounts, reducing operational complexity. Built-in ZTNA – Every firewall come with embedded licenses for next-gen secure remote access, making modern cloud access control easy to deploy. – Every firewall come with embedded licenses for next-gen secure remote access, making modern cloud access control easy to deploy. SonicSentry Co-Managed Security – Optional 24/7 monitoring, patching, and monthly reporting, backed by SonicWall experts. – Optional 24/7 monitoring, patching, and monthly reporting, backed by SonicWall experts. Backed by a Cyber Warranty – Industry-first embedded $200K coverage with every managed firewall through Managed Protection Security Suite (MPSS). 'Today's MSPs and MSSPs need more than just great technology, they need support scaling their business,' said Jason Carter, Chief Revenue Officer at SonicWall. 'From flexible licensing to co-managed security services, we're giving partners every advantage to grow margins, differentiate offerings, and meet their customers' evolving needs.' ADVERTISEMENT Debasish Mukherjee, Vice President of Sales, APJ at SonicWall said, 'MSPs and MSSPs especially in the APJ region are under increasing pressure to deliver stronger security outcomes while scaling efficiently across diverse markets. SonicWall's new Generation 8 platform directly addresses this challenge, combining intelligent firewalls, cloud-native management, and built-in Zero Trust into one, unified solution. It's built for today's real-world needs, enabling partners to lead with confidence while helping customers stay secure and ahead of evolving threats.' Next-Gen Firewalls Engineered for Performance, Built for Growth SonicWall's Generation 8 release features eight new firewall models, ranging from the ultra-compact TZ280 to the high-performance NSa 5800, each engineered to deliver best-in-class security, performance, and scalability for small offices, distributed environments, and mid-sized enterprises. Every model is equipped with cloud-native management built for service providers through SonicWall Unified Management, built-in Zero Trust capabilities, the latest SonicOS enhancements, and is protected by SonicWall's industry-first embedded cyber warranty. Additionally, the entire Generation 8 lineup can be purchased with MPSS, enabling co-managed security services delivered by the SonicSentry team of security professionals. Designed for Real-World MSP Use Cases From cloud-first organizations and remote workforces to distributed enterprises, SonicWall's platform adapts to the real-world challenges of partners and their clients. Use cases include: SMB and mid-market security with embedded Zero Trust Multi-tenant environments with centralized oversight Compliance-friendly co-management with built-in monthly health reports Full-stack offerings with warranties and optional cyber insurance coverage up to $1M Enabling Recurring Revenue and Simplified Service Delivery SonicWall offers both self-managed APSS and fully co-managed MPSS security bundles, all available via monthly billing options with no minimums or long-term commitments – ensuring partners can flexibly serve clients while building predictable recurring revenue. For more information, visit: Hashtag: #SonicWall The issuer is solely responsible for the content of this announcement. About SonicWall SonicWall is a cybersecurity forerunner with more than 30 years of expertise and is recognized as the leading partner-first company. With the ability to build, scale and manage security across the cloud, hybrid and traditional environments in real-time, SonicWall provides seamless protection against the most evasive cyberattacks across endless exposure points for increasingly remote, mobile and cloud-enabled users. With its own threat research center, SonicWall can quickly and economically provide purpose-built security solutions to enable any organization—enterprise, government agencies and SMBs—around the world. For more information, visit or follow us on Twitter , LinkedIn , Facebook and Instagram .
Tahawul Tech
2 days ago
- Tahawul Tech
'Modern networks need to be predictive autonomous and secure by design.' – Mohannad Abuissa, Cisco
Mohannad Abuissa, Director of Solutions Engineering and CTO for Cisco in the Middle East and Africa, has written an op-ed, which argues that whilst its clear AI is transforming networks, it is also raising the stakes and adding complexity. As the UAE accelerates its transformation into a global hub for innovation, smart infrastructure, and digital excellence, the reliance on robust, secure network connectivity becomes more critical than ever. The country's ambitious investments in artificial intelligence (AI), cloud computing, and cybersecurity are positioning it at the forefront of digital evolution, driving its vision for a knowledge-based economy. The UAE's focus on innovation and seamless digital operations, from smart cities to tech hubs, means that any disruption carries widespread consequences across critical sectors. According to Cisco's latest global networking report, insights from over 8,065 senior IT and business leaders worldwide, including more than 250 in the UAE, reveal a stark reality: just one severe network outage per organization each year can cause a staggering economic loss of billions globally. Downtime's true cost goes beyond money While it's easy to consider downtime mainly as a financial loss, its true effects run far deeper. Beneath the numbers lies a more significant problem: each outage erodes trust, hampers productivity, and diminishes future opportunities. When the network fails, supply chains are disrupted, customer service suffers, and the company's reputation can be damaged. IT leaders in the UAE are already delivering financial value from today's networks – largely by improving customer experiences (59%), boosting efficiency (57%), and enabling innovation (56%). But much of that value is at risk if it comes from infrastructure that hasn't been designed for AI or real-time scale. To unlock the full growth and savings they expect, leaders have identified critical gaps they must close: siloed or partially integrated systems (64%), incomplete deployments (55%), and reliance on manual oversight (50%). Smarter, more secure, more adaptive networks are the business case for investment. 96% say improved networks will directly drive revenue, and 97% expect meaningful cost savings – driven by smarter operations, fewer outages, and lower energy use. AI is transforming networks — and elevating the risks AI is transforming networks — and raising the stakes. The rise of AI assistants, autonomous AI agents, and data-driven workloads is fundamentally changing how work gets done, but it's also generating network traffic that is more complex, unpredictable, and demanding than ever before. These applications require vast bandwidth and ultra-low latency to support real-time and near real-time processing. Our research reveals that 67% of respondents say their current data centres can't fully support AI requirements, and 92% intend to boost capacity—whether on-premises, in the cloud, or both. This significant investment shift reflects the nation's commitment to becoming a global AI leader. This is not just about managing more data; it's about enabling real-time insights, supporting innovative applications, and driving growth at an unprecedented scale for the UAE economy. The network is no longer just the backbone – it's the engine driving UAE's digital transformation, yet it faces unprecedented pressures from the complexity of AI workloads. Secure Networking: Essential for Business Growth With increased complexity comes greater risk. As networks become more dynamic and distribute their vulnerability to cyber threats grows. In the UAE 99% of organizations consider secure networking vital to their operations and growth with 68% viewing it as critical. Additionally, 97% believe that enhancing their network will improve their cybersecurity posture. We are at a crucial turning point. The traditional view of networks as static and siloed systems is no longer relevant. Modern networks need to be predictive autonomous and secure by design. They must support seamless connectivity for AI workloads remote teams and hybrid cloud environments all while safeguarding data applications and reputation. At Cisco, we see this as both a challenge and an opportunity. By redesigning networks for greater flexibility, intelligence, and security, organizations can fully realize the advantages of AI, drive efficiency, and gain a sustainable edge in the marketplace. A pivotal moment — and a chance for growth The insights from our research indicate that network outages are no longer merely temporary inconveniences; they represent a multi-billion-dollar challenge to global innovation and economic progress. For UAE organizations, this underscores a significant area for consideration. Investing in modernizing and securing networks is poised to enable businesses to harness the full potential of AI, drive efficiencies, and maintain a long-term competitive edge
Zawya
04-08-2025
- Zawya
American University of Bahrain and Cisco forge strategic partnership to advance technical education
Manama: The American University of Bahrain (AUBH) signed a strategic Memorandum of Understanding (MoU) with Cisco, a global leader in networking and information technology, to expand the reach of the Cisco Networking Academy Program (NetAcad) in Bahrain. This collaboration is tailored to provide students with advanced training in computer networks and next-generation technologies, in alignment with the dynamic competencies. Under the terms of the agreement, Cisco's globally accredited curriculum will be seamlessly integrated into the academic programmes at the American University of Bahrain, thereby enhancing students' digital fluency and reinforcing their readiness for future employment. Beyond curricular enrichment, the partnership establishes a framework for expanded institutional cooperation focused on the continuous development of pedagogical methodologies and academic infrastructure. A key element of this initiative includes the professional development of AUBH faculty members through targeted training programmes aimed at ensuring the effective and innovative delivery of the integrated content. Moreover, the agreement gives AUBH students unrestricted access to Cisco's comprehensive suite of instructional resources, digital learning tools, and the full breadth of the Networking Academy (NetAcad) platform. It also promotes joint research endeavours and facilitates engagement with Cisco's latest technological advancements, reinforcing the university's commitment to fostering a technologically empowered academic environment. Dr. Wafa Almansoori Interim President and Provost of the American University of Bahrain, commented, 'This agreement with Cisco marks a milestone in our strategic efforts to enrich technical education in Bahrain's higher education sector. It signals a transformative move towards innovative learning models that align with the digital era and contribute meaningfully to the Kingdom's long-term development goals as outlined in Bahrain's Vision 2030.' Dr. Almansoori further added, 'This partnership presents a pivotal opportunity to position our students at the forefront of transformative disciplines such as computer networking, artificial intelligence, and cybersecurity—fields that constitute the backbone of the global digital economy. By embedding Cisco's internationally accredited curriculum within our academic framework, we are delivering an education that is not only rigorous and globally benchmarked, but also acutely aligned with the practical and strategic demands of the modern workforce. This initiative exemplifies our institutional commitment to cultivating graduates equipped with the advanced technical competencies and critical thinking skills required to lead innovation and actively contribute to Bahrain's national digital transformation agenda.'
