2024 Key Findings This year’s edition of the LUMINAR Annual Threat Landscape Report provides insights about the global threat landscape while analyzing major trends and threat vectors worldwide, including ransomware attacks, exploitation of high-profile vulnerabilities and stolen access credentials. The following key findings shed light on the current threat landscape and can provide insight regarding what to expect in the upcoming year. Financial services and tech remain among the most targeted industries + The top targeted industries included the financial services, technology, manufacturing, healthcare, government, commercial and education sectors, consistent with findings from 2023 + The United States continues to be the most targeted country (as it was in 2023) Cyber attacks are increasingly conducted to supportmilitary operations + Regional conflicts, such as the ongoing war in Ukraine and the Gaza conflict, have escalated cyberattacks globally, with motivations including intelligence gathering, disruption of critical infrastructure and subversion The boundaries between traditional types of threat actor are increasingly blurring + 49% of attacks were attributed to financially-motivated cybercriminals, while state- sponsored actors accounted for 36% and hacktivists for 11% + 2024 saw multiple instances of threat actors engaging in activities that deviated from their traditional categories, including hacktivist groups venturing into cybercrime and nation-state actors cooperating with ransomware gangs. Vulnerabilities continue to be a key attack vector + 40,704 new vulnerabilities were disclosed, with an average CVSS score of 5.7 + The vendor with the highest number of vulnerabilities was Linux + Linux Kernel was the product with the highest number of vulnerabilities Threat Snapshot 2 Blurring Boundaries 3 Vulnerability Intelligence 4 Ransomware 5 Stolen Access Credentials 6 Tips 7 Key Findings 1 2