Webinar Replay: Q3 2024 Cyber Threat Landscape - Rising Attacks on Tech and Telecoms Reinforce Need for Business Continuity Planning

November 21, 2024
Our quarterly threat landscape reports are fueled by frontline incident response intel and elite analysts.
Webinar Replay – Q3 2024 Cyber Threat Landscape Briefing

A notable rise in attacks in Q3 2024 shows that threat actors are increasingly focusing on the tech and telecoms sector. Professional services retained its status as the sector most targeted by attackers, and four of the five key sectors experiencing an increase in attacks this quarter. Insider threat and email compromise remain a key area of risk for business. Other reasons to remain vigilant are the rise in nation-state actor activity and the diversification in form and techniques by various ransomware groups. 

During the session, our experts — Laurie Iacono and George Glass — explore key trends and outline insights drawn from thousands of cyber incidents handled worldwide each year. They also address the issues that organizations should be aware of, including notable threat incidents and active ransomware groups.

The briefing covers:

  • Key themes and patterns shaping the threat landscape and how these could impact organizations
  • Critical shifts in attacker behavior in the past quarter, including popular incident types and initial access methods
  • The most active threat actor groups and the industries most targeted
  • The behaviors and tactics behind some of the world’s most prominent cyber incidents

Key Sections From the Webinar

Sector Analysis

Q3 2024 Cyber Threat Landscape Virtual Briefing

“When we looked at the cases involving the tech sector, a lot of what we were seeing was related to insider threat as well as email compromise. We are also seeing a lot of ransomware activity as well as unauthorized access affecting the sector.” – Laurie Iacono

Here, our CTI experts analyze the concerning rise in threat actor focus on the tech and telecoms sector . A jump of five percent compared with the previous quarter is particularly notable in a sector that has experienced relatively low levels of attacks in the past. Our team discusses this and other trends impacting key sectors. Watch now to learn more. 

Historical Targeting of Technology Firms

Q3 2024 Cyber Threat Landscape Virtual Briefing

“This case study is really effective at establishing how ransomware can impact an organization. It underscores the importance of business continuity in these types of cases. Because when a technology firm is hit, losing critical functions can impact not just them but also their customers.” – Laurie Iacono

Our experts dive into the real-life case of an electronics manufacturing firm hit by MEDUSA ransomware. Watch now to discover how threat actors were observed bypassing at least one of the client’s endpoint detection & response tools, allowing the malware to spread across the network and leading to almost a week of business downtime.


Ransomware Roundup

Q3 2024 Cyber Threat Landscape Virtual Briefing

“As is usually the case, after we have significant disruption, we start seeing new groups emerge. We're still in that holding pattern where we're waiting to see which group will come to be the most dominant one.” – Laurie Iacono

Here, our CTI team discuss the emergence of new ransomware variants, highlighting possible rebrands and spin-offs following earlier law enforcement disruptions of LOCKBIT and the public exit of BLACKCAT/ALPHV earlier in 2024. From a spike in activity related to the AKIRA ransomware gang to the impact of new ransomware gangs such as VANIR, MAD LIBERATOR, LYNX and CICADA, learn about the key ransomware findings for Q3.

Malware Trends in Intelligence Collection

Q3 2024 Cyber Threat Landscape Virtual Briefing

“This quarter has been pretty much info stealers as far as the eye can see. I don't think I've seen anything quite like what I've seen over the last few months in terms of the same campaigns appearing across multiple different industries and multiple different sectors” – George Glass

Information stealing malware was one of the defining threats of Q3. Here, our experts put this concerningly successful trend in the spotlight, delving into the biggest names making it a key threat this quarter. Watch now.

Spotlight: Information Stealers

Q3 2024 Cyber Threat Landscape Virtual Briefing

“This year has seen a lot of changes in the way that information stealing malware works, mostly on the delivery side of things. What we are seeing in a lot of our case work is the fact that threat actors have recognized that so many credentials are out there and they're an easy way of making initial access into a corporate environment.” – George Glass

With information stealer attacks increasing significantly in Q3, our experts take a deep dive to look at just why they are so effective. The team outline how evolving social engineering techniques and competition between groups to deploy new capabilities have led to the info stealer becoming a formidable threat. Watch the video to learn more about these concerning shifts in tactics, techniques and procedures. 

Respond with Confidence

Q3 2024 Cyber Threat Landscape Virtual Briefing

“We always say in the industry that it's not a case of if, but when an incident will happen. So it's really important to prioritize planning for these type of events. As we see every day from the experience of organizations that come to us, a security incident can happen to anybody.” - Laurie Iacono

With so many changes in threat actor behavior observed in Q3, is your organization ready to act? Having handled thousands of incident response cases, our experts share mitigations that can enhance your cyber resilience in response to a volatile threat landscape. Watch now. 


Cyber and Data Resilience

Incident response, digital forensics, breach notification, security strategy, managed security services, discovery solutions, security transformation.

Kroll Responder MDR

Stop cyberattacks. Kroll Responder managed detection and response is fueled by seasoned IR experts and frontline threat intelligence to deliver unrivaled response.

Computer Forensics

Kroll's computer forensics experts ensure that no digital evidence is overlooked and assist at any stage of an investigation or litigation, regardless of the number or location of data sources.


24x7 Incident Response

Kroll is the largest global IR provider with experienced responders who can handle the entire security incident lifecycle.

Cyber Risk Retainer

Kroll delivers more than a typical incident response retainer—secure a true cyber risk retainer with elite digital forensics and incident response capabilities and maximum flexibility for proactive and notification services.

Malware Analysis and Reverse Engineering

Kroll’s Malware Analysis and Reverse Engineering team draws from decades of private and public-sector experience, across all industries, to deliver actionable findings through in-depth technical analysis of benign and malicious code.


Ransomware Preparedness Assessment

Kroll’s ransomware preparedness assessment helps your organization avoid ransomware attacks by examining 14 crucial security areas and attack vectors.

Office 365 Security, Forensics and Incident Response

Digital forensic experts investigate hundreds of Office 365 incidents per year and help strengthen your security.