The other headlines that stirred cybersecurity in the last year.
Over the past month we have looked back at some of the major stories from the past 12 months which have shaped our industry and formed our headlines.
In those articles, we looked at:
Whilst working on those, a number of other key moments came to mind. So for this honorary mentions article we will look at the remaining highlights, in no particular order.
Secure by Design
In May, the US Cybersecurity and Infrastructure Security Agency (CISA) announced a Secure by Design pledge to design products with greater security built in. Supported by 68 of the world’s leading software vendors, the pledge featured seven core goals that those manufacturers determined to follow.
One comment I heard afterwards was whether those vendors had never pledged to develop secure products in the first place? Had they considered the use of MFA, reducing the number of vulnerabilities, and “measurably increase the installation of security patches” too?
Time will tell if this bears fruit to improve secure software development, but it is a start with some strong backing.
NIS2 Directive for Europeans
Having covered many regulations, their introduction and deadline for compliance and enforcement, something about the introduction of the NIS2 Directive didn’t really catch my attention.
Perhaps it was because the UK was not directly impacted, or that there was not the level of inquiry that I had seen when the GDPR deadline was looming, but it doesn’t reduce the importance of NIS2. Any business working with a European entity needs to be in compliance, and that is where the auditors and enforcers will have the most to gain.
However this is the first of several new compliance and regulatory frameworks, with DORA set for launch in January.
TfL Off the Rails
During September, London’s transport authority faced a mysterious cyber-attack, with a series of updates detailing a major incident. The incident led to TfL staff being told to work from home, but there was minimal disruption to public transport services.
On the 10th September TfL stated that no customer information had been impacted, and then just two days later, said some customer data had been affected. The payment card details of around 5,000 people were also potentially affected.
As for who did it, on the 12th September TfL said a teenager from West Bromwich had been arrested, questioned by National Crime Agency (NCA) officers and bailed. Since then there has been little information, although detailed leaked in late November that an independent investigation is expected to be conducted on the attack.
LockBit and Locked Up
Perhaps one of the biggest stories of the year involved the takedown of the LockBit ransomware operation. SC UK was in attendance at the 44CON event in September, where the NCA detailed how it was able to take control of the cybercrime group.
It was back in February that the NCA and Europol worked as part of Operation Cronos to seize control of darknet websites. However it was far from gone, as it took only five days for a new version to apparently be in operation.
Research also found that more victims were impacted in May, with 164 caught - the highest number recorded since the beginning of 2022.
Another continuing story is around those behind LockBit, with two arrests announced in December 2024, and a $10 Million bounty placed on the admin Dmitry Khoroshev, better known as ‘LockBitSupp.’ I don’t think this is the end of the story, in fact we’re far from it to the point that a fourth version is being taunted for release in 2025.
Data Centres Anointed
To conclude on two more positive points, as not everything in cybersecurity is a negative, firstly there was a government announcement on data centres now being classified as ‘Critical National Infrastructure’.
This “means the data housed and processed in UK data centres - from photos taken on smartphones to patients’ NHS records and sensitive financial investment information - is less likely to be compromised during outages, cyber attacks, and adverse weather events.”
Also, there will be a dedicated CNI data infrastructure team of senior government officials who will monitor and anticipate potential threats.
In a year when resilience was tested with the Crowdstrike incident, this should add some confidence to that sector and its survival.
Cyber Essentials Enters the Second Decade
Some years ago I looked at the impact of Cyber Essentials, and the response was not too impressive to be honest. It was found that the take up was not great, that the standard was too opaque to be able to be worked with, and the advice needed updating.
In fact, earlier this year we looked at whether compliance with it needed to be mandated as it was claimed that awareness of the scheme is still too low.
However in October, the tenth anniversary of the launch of Cyber Essentials was marked, with new research showing that “Cyber Essentials is improving organisations’ awareness and understanding of the cybersecurity risk environment.
Cybersecurity Minister Feryal Clark MP did use the event to call for more adoption of Cyber Essentials in the supply chain, so that users may “gain tangible assurance that fundamental cybersecurity controls are in place, and they are protected from common cyber-attacks.”
There were many other angles that we could have covered from 2024, and from the headlines above it is clear that what we learned puts in good stead for the new year. Whether things are slightly more relaxed will only be learned in time.
Written by
Dan Raywood
Senior Editor
SC Media UK
Dan Raywood is a B2B journalist with more than 20 years of experience, including covering cybersecurity for the past 16 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Conference, BSides Scotland, Steelcon and ESET Security Days.
Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.
