In 2024, the cybersecurity landscape faced unprecedented challenges and rapidly accelerating technological advancements, with nation-state and non-nation-state actors, groundbreaking quantum computing risks, and AI-driven threats redefining the global digital battlefield.

Summary

This analysis offers a comprehensive exploration of strategic shifts, regulatory updates, and the critical importance of proactive cybersecurity in a rapidly evolving threat environment.

The 2024 Year-End Review on Cybersecurity underscores the intensifying challenges posed by state-sponsored cyber espionage, particularly from China and Russia, while examining pivotal incidents like the CrowdStrike outage and the largest telecom intrusions in history.

Emerging technologies such as quantum computing and AI are at the forefront, reshaping offensive and defensive strategies, with initiatives on quantum-safe encryption and AI risk management frameworks gaining prominence.

This review also delves into legislative and diplomatic efforts to counter cybercrime and enhance security, including U.S. collaborations under the UN Cybercrime Treaty and measures to curb China’s cyber activities. This analysis comprehensively explores strategic shifts, regulatory updates, and the critical importance of proactive cybersecurity in a rapidly evolving threat environment.

2024 Year-End Review: Cybersecurity (by Topics and Themes)

Nation-State Cyber Activity and Geopolitics

• China’s Great Hack: An Alarming Reality
• Beijing’s Digital Trojan Horse
• China’s Hacking Contest Ecosystem: A Strategic Cybersecurity Asset
• Russia’s Cyber Activities: From Attacks to Conventional Battlefield Support
• Volt Typhoon’s Recent Zero-Day Attack on U.S. Internet Providers
• China Uses “Alleged” Leaked Intel Docs to Flip Narrative of VOLT TYPHOON
• The State Department’s Cyber Strategy Seeks to Build Coalitions Against China
• The U.S. Looks to Legislation to Curb China’s Cyber Activities

Critical Infrastructure and Cybersecurity Resilience

• Shields Ready: Critical Infrastructure Security and Resilience
• A Critical Infrastructure Risk and Vulnerability Assessment
• The Water Sector is Being Threatened: That Should Worry Everyone
• Protecting Cyber Infrastructure in the Age of Great Power Competition

Quantum Computing and Post-Quantum Security

• Quantum-Safe Encryption: A Critical Frontier for U.S. National Security
• The Convergence of Quantum Computing and Bitcoin: Assessing Security Risks and the Post-Quantum Future
• Executive’s Guide: Navigating the Impact of NIST’s Finalized Post-Quantum Encryption Standards
• Quantum Reorientation: NIST Announces Three Finalized Post-Quantum Encryption Standards
• Accelerating Quantum Convergence
• Quantum Day (aka “Q-Day”) is a Gray Rhino Stridently Galloping Straight at Your Organization

Artificial Intelligence and Emerging Technologies

• AI-Fueled Cryptocurrency Crime: A Growing Threat
• Attacker vs. Defender: Who Will Win the Race to Best Operationalize AI?
• Continued AI Integration Drives the Race Between Attackers and Defenders
• Findings from the DEFCON31 AI Village Inaugural Generative AI Red Team Challenge
• The October 2024 OODA Network Monthly Meeting: Attacks on Generative AI
• DARPA’s AI Cyber Challenge (AIxCC) Finalists
• AI Governance and Corporate Oversight Efforts

Major Cybersecurity Incidents and Lessons Learned

• The Largest IT Outage in History: CrowdStrike and Microsoft Scramble to Patch
• The CrowdStrike Incident and the Evolving Role of CISOs and Boards
• An Overview of the NIST NVD Backlog Debacle
• What to Know and Do About the Largest Telecom Intrusions in History

Legislation, Regulation, and International Agreements

• The U.S. to Fall in Line with UN Cybercrime Treaty
• Cybersecurity Regulation Harmonization: Done Correctly, Not Quickly
• Board Members Should Review Cyber Risk Disclosure Procedures Following SEC Enforcement
• The Cyberspace Solarium Commission 2.0: Key Recommendations

Sector-Specific Cybersecurity Challenges

• The Financial Sector and Managing AI-Specific Cybersecurity Risks
• HHS Bolsters Healthcare Cybersecurity Initiatives
• On-Chip Governance of the IT Supply Chain and AI Chip Security
• Hardware-Level Zero Trust and Quantifiable Assurance for IT Supply Chains

Strategic Guidance and Recommendations

• Cyber Recommendations for the New Administration
• Balancing Cybersecurity Accountability with Practical Support
• What Executives Need to Know About the 2024 Annual Threat Assessment
• How to Properly Cut Your Cybersecurity Budget

 2024 Year-End Review: Cybersecurity (by Month)

December 2024

The year ended with a focus on supply chain security and the risks associated with digital dependencies. OODAcon 2024 highlighted China’s cyber tactics and broader global cybersecurity challenges. Discussions on the convergence of quantum computing and Bitcoin emphasized the transformative risks ahead, signaling the criticality of adapting to an increasingly complex threat landscape.

• Future of Supply Chain Wars
• OODAcon 2024: China – Current Threats and Emerging Risks
• Beijing’s Digital Trojan Horse
• Accelerating Quantum Convergence
• The Convergence of Quantum Computing and Bitcoin: Assessing Security Risks and the Post-Quantum Future Tip of the Cyber Pyramid
• The United States Looks to Legislation to Curb China’s Cyber Activities
• Bootstrapping the Future:  Overall Themes from OODAcon 2024

November 2024

China’s aggressive cyber activities were spotlighted, from orchestrated hacks to strategic use of its hacking contest ecosystem. The largest telecom intrusions in history revealed vulnerabilities at a massive scale. Meanwhile, AI-fueled cryptocurrency crime emerged as a growing threat, and U.S. engagement in the UN Cybercrime Treaty demonstrated efforts to build international coalitions against cybercrime.

• China’s Great Hack: An alarming reality
• What To Know And Do About The Largest Telecom Intrusions in History: An executive’s guide
• Opinion: What Will Cyber Look Like with Trump 2.0?
• The U.S. to Fall in Line with UN Cybercrime Treaty
• China’s Hacking Contest Ecosystem: A Strategic Cybersecurity Asset
• AI-Fueled Cryptocurrency Crime: A Growing Threat
• What Will the Next President Bring to the Cyber Game?
• Balancing Cybersecurity Accountability with Practical Support
• On-Chip Governance of the IT Supply Chain and AI Chip Security

October 2024

Generative AI threats became a focal point as organizations dealt with evolving attack methods. High-profile incidents, such as the CrowdStrike outage, illustrated the shifting roles of CISOs and boards in managing cybersecurity. The Department of Defense’s Cybersecurity Maturity Model Certification Rule was implemented, highlighting the growing regulatory emphasis on cyber.

• The Crowdstrike Incident and the Evolving Role of CISOs and Boards
• The October 2024 OODA Network Monthly Meeting: Pillar Security CEO Dor Sarig on the State of Attacks on Generative AI
• Cyber Recommendations for the New Administration
• An OODA Network Member Discussion: The CrowdStrike Incident and Potential Geopolitical October Surprise(s)
• Board Members Should Review Cyber Risk Disclosure Procedures Following SEC Enforcement
• China Uses “Alleged” Leaked Intel Docs to Flip Narrative of VOLT TYPHOON
• Department of Defense Implements Cybersecurity Maturity Model Certification Rule
• SALT TYPHOON Exploits Backdoor to U.S. Wiretap System
• Strategy for Migrating to Automated Post-Quantum Cryptography Discovery and Inventory Tools
• Cyber and Tech Diplomacy “Move from the Periphery to the Center” of International Relations
• The U.S. Needs to Cut – Not Add To – It’s Cyber Bloat

September 2024

Efforts to enhance internet routing security and protect cyberinfrastructure in the face of great power competition intensified. Discussions at the Cyberspace Solarium Commission 2.0 reflected on strategic steps for the next administration. The need for quantum-safe encryption was a critical topic, emphasizing national security’s dependence on technological foresight.

• Cyberspace Solarium Commission 2.0 Brings Much to Think About for the Next Presidential Administration
• Strengthening Internet Routing Security
• What You Need to Know About Protecting Cyber Infrastructure In The Age of Great Power Competition
• Attacker VS Defender.  Who Will Win the Race to Best Operationalize AI?
• Can a Trilateral Mitigate North Korean Cyber Activity?  There’s Potential, But…
• A Critical Infrastructure Risk and Vulnerability Assessment
• What You Need to Know About Technological and Economic Threats to U.S. Financial Systems
• This Election Season Stopping Misinformation Must Start at the Top
• Quantum-Safe Encryption: A Critical Frontier for U.S. National Security

August 2024 

This month focused on critical infrastructure resilience amid escalating information warfare, social engineering, and ransomware threats. The finalized NIST post-quantum encryption standards highlighted progress toward securing a quantum future. Global cybersecurity events like Black Hat USA 2024 and DEFCON 32 emphasized emerging attack trends and defensive innovations.

• Shields Ready: Critical Infrastructure Security and Resilience
• Information Warfare, Social Engineering, and Ransomware: A Global Situational Awareness and Threat Vector Survey
• Hacking Blame Games Don’t Work – Will Anything?
• “…Leaving our Nation Vulnerable to Cyber Invasion”: Volt Typhoon’s Recent Zero Day Attack on U.S. Internet Providers
• Executive’s Guide: Navigating the Impact of NIST’s Finalized Post-Quantum Encryption Standards
• DARPA’s AI Cyber Challenge (AIxCC) Finalists
• The Geopolitics of Cyber Espionage Goes Far Beyond Sensitive Information Theft
• The Financial Sector and Managing Artificial Intelligence-Specific Cybersecurity Risks
• The August 2024 OODA Network Monthly Meeting: Insights and Takeaways from Black Hat USA 2024 and DEFCON 32
• The Crowdstrike Incident – OODA Loop Update #4
• CISA Director Easterly on “Democracy’s Biggest Year: The Fight for Secure Elections Around the World”
• Quantum Reorientation: NIST Announces Three Finalized Post-Quantum Encryption Standards
• The UN Cybercrime Is Treaty Getting Ready for Prime Time
• DEFCON 32
• This Week, the Future of AI, Cybersecurity, and Infrastructure Security is in the Southwestern Desert of the U.S.A.
• Black Hat 2024 – Startup Spotlight Competition: OODA Network Member Robert J. Stratton III Participates as Industry Judge
• Russia Some Cyber Activities from Attacks to Conventional Battlefield Support

July 2024 

The largest IT outage in history, involving CrowdStrike and Microsoft, disrupted operations worldwide and underscored the need for diversification in cloud dependencies. The OODA Network discussions and subsequent industry analyses pointed to lessons learned from this debacle. Concurrently, blockchain and quantum computing threats gained attention as future vulnerabilities.

• The July 2024 OODA Network Monthly Meeting: A Real-time Discussion of the Crowdstrike Global IT Outage
• The Botched Update Heard Around the World Calls for More Diversification
• Moscow-based Kaspersky Lab Shuts Down US Operations; Gifts Six Months of Access to U.S. Users
• Blockchain-based Credentials and the Expanded Threat Vector of Quantum Computing
• The Crowdstrike/Microsoft Global IT Outage Debacle: Ongoing Impacts and Recent Updates
• “This is Not a Security Incident or Cyberattack”: Microsoft and Crowdstrike Scramble to Patch ‘Largest IT Outage in History’
• The June 2024 OODA Network Monthly Meeting: The Uptick in Global IT Supply Chain Breaches (Frequency and Specific Targeting)
• Microsoft’s Black Eye Is a Warning to Other Cloud Providers

June 2024

The U.S. cybersecurity posture received praise for its improvements, but gaps in data privacy remained concerning. Controversy arose over the U.S. ban on Kaspersky Labs, prompting debates about effective regulation. The NIST NVD backlog underscored the challenges of keeping up with vulnerabilities as global IT supply chain incidents surged, including high-profile incidents affecting cloud providers.

• Is the Kaspersky Ban in the United States Warranted?
• Global Response to the U.S. Ban of Moscow-based Cybersecurity Behemoth Kaspersky Labs
• Cybersecurity Regulation Harmonization Need to Be Done Correctly, Not Quickly
• A Generational Shift: The Global Gaming Ecosystem as Attack Surface and Point of Entry
• An Overview of the NIST NVD Backlog Debacle: Cybersecurity Company Brought in on a Five-Year, $125M Contract to Assist
• Beyond Compliance: How the SEC’s Materiality Rules Should Transform Cybersecurity Oversight
• U.S. Gets Praise for Cybersecurity Posture Improvement but Where’s Data Privacy?

May 2024 

The convergence of AI and cybersecurity became central as the Cyber Arms Race evolved into AI weaponization. The annual U.S. Intelligence Community Threat Assessment emphasized the increasing frequency of cyberattacks. Government and private sector partnerships expanded to address ransomware threats, while discussions about hardware-level zero trust gained momentum as a future foundation for IT security.

• The Cyber Arms Race Gives Way to AI Weaponization
• What Executives Need To Know About The 2024 Annual Threat Assessment From the U.S. Intelligence Community
• Are PSYOPS in Cyberspace a Viable Tool Against Adversaries?
• HHS Launches $50 Million ARPA-H Program to Improve Hospital Cybersecurity
• The United States’ International Cyberspace and Digital Policy Strategy
• The State Department’s Cyber Strategy Seeks to Build Coalitions Against China
• The Social Engineering Tactics of Ransomware-as-a-Service Operator Black Basta
  Hardware-Level Zero Trust and Quantifiable Assurance are the Future of Compute and the Global IT Supply Chain
• Beijing Takes Another Jab at U.S. Cyber Operations
• NSA Artificial Intelligence Security Center – and Global IC Partners – on Deploying Secure AI Systems
• Is the Kaspersky Ban in the United States Warranted?
• Global Response to the U.S. Ban of Moscow-based Cybersecurity Behemoth Kaspersky Labs
• Cybersecurity Regulation Harmonization Need to Be Done Correctly, Not Quickly
• A Generational Shift: The Global Gaming Ecosystem as Attack Surface and Point of Entry
• An Overview of the NIST NVD Backlog Debacle: Cybersecurity Company Brought in on a Five-Year, $125M Contract to Assist
• Beyond Compliance: How the SEC’s Materiality Rules Should Transform Cybersecurity Oversight
• U.S. Gets Praise for Cybersecurity Posture Improvement but Where’s Data Privacy?

April 2024

Cyber threats surged in critical infrastructure sectors, with ransomware gangs leveraging advanced social engineering tactics. The DEFCON AI Village showcased generative AI as a double-edged sword for attackers and defenders. Reports of powerful malware, like the ‘Brokewell’ Android Trojan, exposed growing vulnerabilities in personal devices. Meanwhile, initiatives such as the UN Security Council’s engagement in international cybersecurity and the U.S.’s bolstered efforts in healthcare cybersecurity highlighted global and sector-specific responses.

• Houston, We Have a Problem… (Let’s Get to Solving It)
• Social Engineering Remains the Coin of the Realm for Ransomware Gangs (or APTs- Advanced Persistent Threats)
• Powerful ‘Brokewell’ Android Trojan Allows Attackers to Takeover Devices
• The UN Security Council Has a Role in International Cybersecurity
• The Philosophers’ Code: Enhancing Cybersecurity Strategy with Timeless Wisdom
• Findings from the DEFCON31 AI Village Inaugural Generative AI Red Team Challenge
• Continued AI Integration Drives the Race Between Attackers and Defenders
• Is Your Board of Directors Integrating AI Governance into its Corporate Oversight and Disclosure Efforts?
• After the Impact of the Change/United Healthcare Ransomware Attack, HHS Bolsters Healthcare Cybersecurity Initiatives
• The Water Sector Is Being Threatened.  That Should Worry Everyone
• Quantum Day (aka “Q-Day”) is a Gray Rhino Stridently Galloping Straight at Your Organization
• After His Presidential Re-election Victory, Putin Escalates Drone, Cyber and Disinformation Offensives

March 2024

The month centered on proactive measures to address persistent cyber threats and improve organizational resilience. U.S. government agencies intensified efforts to combat Chinese cyber espionage and human targeting, though questions remained about the sufficiency of these measures. The NIST Cybersecurity Framework 2.0 was introduced, offering updated guidelines for safeguarding critical systems. The long-awaited Privacy Executive Order was released, signaling a new era for data protection and privacy enforcement.

Within the cybersecurity community, calls for adopting memory-safe programming strategies and better diagnostics emphasized the need for improved cybersecurity quality. Discussions on efficient budget allocation for cybersecurity gained momentum, driven by the imperative to balance protection and cost. The OODA Almanac 2024 was revisited, highlighting strategic insights for navigating the evolving threat landscape, while the i-SOON data leak underscored ongoing vulnerabilities in data security.

• Government Agencies are in the Fight Against Chinese Human Targeting and Cyber Espionage. Will it be Enough?
• For the Cybersecurity Community: A Call to Action for Memory-safe Strategies and “Better Diagnostics that
• Measure Cybersecurity Quality”
• We Have a Privacy Executive Order!  Time to See It in Action
• An Overview of the NIST Cybersecurity Framework 2.0
• How To Properly Cut Your Cybersecurity Budget
• Implementation Plan 2.0 Faces a Crucial Test
• OODA CEO Matt Devost and OODA Network Members Review the OODA Almanac 2024 – Reorientation
• i-SOON Data Leak Is Interesting but Mostly Unsurprising

February 2024

February spotlighted sophisticated advancements in large language models (LLMs) and their implementation in cybersecurity, reflecting both opportunities and threats. CISA’s JCDC reaffirmed its priorities amid scrutiny, continuing to address key cybersecurity challenges. A joint report by Microsoft and OpenAI emphasized the urgency of addressing AI-driven threats, accompanied by a $10M State Department bounty for critical AI security solutions. The concept of CYBER COM 2.0 was introduced, exploring a redefined U.S. Cyber Command strategy for the future. The OODA Almanac 2024 provided strategic reorientation guidance, emphasizing the importance of adaptability in a rapidly changing cyber environment.

• Two Emergent and Sophisticated Approaches to LLM Implementation in Cybersecurity
• Under Fire, CISA’s JCDC Continues Astride with 2024 Priorities
• Microsoft and OpenAI Issue a Stark Report and a $10M Bounty from the State Department
• What Does CYBER COM 2.0 Look Like?
• OODA Almanac 2024 – Reorientation

January 2024 

The year began with a focus on the rapidly evolving cybersecurity landscape, highlighting the need for stronger governance and public trust. Concerns grew around government purchases of commercially available information, raising privacy and trust issues. AI threats became a key area of discussion, with calls for establishing cyberspace attribution standards and improving data privacy regulations through an awaited executive order.

Election security emerged as a pressing priority, with warnings against misinformation. Scams targeting Americans surged, prompting the tech sector and government to explore collaborative solutions. Key reports from the DHS Cyber Safety Review Board and the CISA Cybersecurity Advisory Committee underscored the need for proactive measures to protect critical infrastructure and adapt to exponential technological disruption. The “Tallinn Mechanism” was introduced to enhance civilian cyber assistance in Ukraine.

• Government Purchase of Commercial Available Information Further Undermines Public Trust
• Evolving AI Threats: What You Need to Know
• Where Is the Executive Order on Data Privacy?
• Elections Are Coming: Time to Sound Misinformation’s Clarion Call… Again
• Scams Against Americans are Skyrocketing. The US Tech Sector and Government can Turn the Tide
• Does the U.S. Have a “Talent Superpower Strategy”?
• It’s 2024. Time to Have Attribution Standards in Cyberspace
• Updates and Recommendations from the CISA Cybersecurity Advisory Committee
• What the Board Needs to Know About Exponential Disruption, Cybersecurity, Risk Management and Strategy
• The DHS Cyber Safety Review Board’s Inaugural Reports
• The “Tallinn Mechanism” is Designed to Enhance Civilian Cyber Assistance to Ukraine
• Critical Infrastructure Remains the Brass Ring for Cyber Attackers in 2024