Date: Mid-April 2024

Location: Ukraine (10 regions)

Key Actors: Sandworm (APT44)

• Sandworm launched a significant offensive against approximately 20 critical infrastructure facilities, including energy, water, and heating suppliers.
• The primary objective is reported to be operational disruption, potentially intended to enhance the impact of kinetic Russian missile strikes.
• The attacks exploited weak cybersecurity practices within the targeted infrastructure networks.

Date: November 2024 (Reported)

Location: United States

Key Actors: Salt Typhoon (Chinese state-sponsored hackers)

• Salt Typhoon successfully breached major U.S. telecommunication providers.
• The campaign focused on accessing Call Detail Records (CDR), revealing sensitive customer call logs, duration of calls, and location data.

Date: April 2024

Location: El Salvador

Key Actors: Unidentified Hackers

• Hackers attacked the Chivo national cryptocurrency wallet, exposing over 144 GB of sensitive personal information belonging to millions of Salvadorians.
• The perpetrators also publicly released Chivo’s source code.
• The Salvadorian government has not issued an official public statement regarding the incident.

Date: 2024 (Annualized Trend Data)

Location: United States

Key Actors: Cybercriminals, Fraud Syndicates

• Reported consumer losses to fraud surged to $12.5 billion in 2024, a 25% increase year-over-year.
• Investment scams accounted for the highest reported losses, totaling $5.7 billion, representing a 24% increase from the previous year.
• Victims reported losing more money to scams utilizing bank transfers or cryptocurrency than all other payment methods combined.

Date: Late April 2024

Location: United States/Global

Key Actors: Threat Actors (Unnamed) / IntelBroker

• A threat actor allegedly listed a database containing 49 million Dell customer records for sale on a hacking forum. The data included names, addresses, and unique 7-digit service tags.
• U.S. debt collection agency FBCS reported a cybersecurity incident impacting an estimated 1.9 million individuals, risking exposure of personal information, including names, addresses, and Social Security Numbers.
• The IntelBroker hacking syndicate executed attacks on multiple high-profile organizations, including Europol, Cisco, and AMD, stealing trade secrets and confidential user data.

Date: 2024 (Ongoing)

Location: Global, focusing on Red Sea and US/Canadian Labor

Key Actors: Houthi Rebels, Extreme Weather Events, Labor Unions

• Global supply chain disruptions increased by 38% compared to the prior year, indicating a significant reversal of stabilization trends.
• The ongoing Red Sea Crisis, driven by Houthi attacks, continues to disrupt global trade flows, increasing supply chain lead times by 35%.
• Labor disruptions surged 47% year-over-year, becoming the second-most frequent cause of disruption, affecting various industries through strikes (e.g., ILA U.S. port) and layoffs.
• Extreme weather events jumped a dramatic 119%, with floods and hurricanes significantly impacting logistics and manufacturing.

Date: Mid-April 2024

Location: Global Social Media (X, etc.)

Key Actors: State Actors (Iranian Government), Verified Social Accounts, Disinformation Networks

• Following the Iran-Israel missile exchange, posts containing misleading or fabricated information went viral, accruing over 37 million views.
• Misleading content utilized AI-generated images, video game footage, and misattributed videos from other conflicts.
• Accounts that had paid for verification were instrumental in amplifying this misleading content, facilitating the spread of narratives that can incite online polarization and potentially DVE/EVE recruitment.