2024 in Retrospect: “A Turbulent Year for Cybersecurity”

“It has been an incredibly intense year,” Torbjörn begins. “We have seen several major incidents that have truly put cybersecurity on the agenda. One of the most talked-about cases was the ransomware attack on the IT provider Tieto Evry, where the hacker group Akira struck and paralyzed large parts of the Swedish public sector.”

The attack affected both municipalities and regions, including Region Västerbotten, which lost access to its medical supply inventory system. Torbjörn emphasizes that this incident clearly illustrates how dependent we are on digital systems.

“When systems fail, the consequences are enormous. It doesn’t help to have full warehouses if you don’t know where things are,” he says.

Hacktivists and Geopolitical Uncertainty

During the spring of 2024, the threat landscape shifted. Instead of financially motivated attacks, there was an increase in attempts to create societal disruption, particularly through DDoS attacks by the Russian hacker group Noname057(16) targeting Swedish authorities and businesses.

“We have seen a clear trend where cyberattacks are used to destabilize societies. The Swedish Tax Agency, the Parliament, and SJ (Swedish Railways) were just a few of the targets. It is a reminder that cybersecurity is not just a technical issue but a part of our national security.”

The Major IT Incident: The CrowdStrike Update

On July 19, 2024, the world experienced one of the largest IT incidents in history. A faulty software update from CrowdStrike disabled 8.5 million systems globally, leading to massive economic losses.

“This wasn’t an attack but a mistake. However, it highlights how vulnerable we are to system failures. It was a wake-up call for how we manage risk in large IT environments,” says Torbjörn.

AI – A Weapon for Both Defense and Attack

Another major topic in cybersecurity discussions during 2024 was AI. The FBI issued a warning that cybercriminals are increasingly using AI in their attacks. We saw cases of deepfake fraud, where an attacker tricked an employee into transferring $25 million through a manipulated video call.

“It’s both fascinating and terrifying. AI makes it easier for attackers to create realistic fake identities. We need to find ways to handle this,” says Torbjörn.

But AI is also a powerful tool for defense.

“We see that AI can help us identify threats faster, create better analyses, and automate cybersecurity in ways we never could before. But it’s a balancing act.”

What Awaits Us in 2025?

Torbjörn highlights three things we can be sure of: ransomware will remain one of the biggest threats, new EU regulations will impact the cybersecurity landscape, and AI will play an even bigger role.

“We know that EU cybersecurity laws are becoming stricter. Companies and organizations must adapt to NIS2 and the Cyber Resilience Act. At the same time, we know AI isn’t going away—it will be an important part of both our threats and our defense mechanisms.”

Tips for Protecting Yourself

Finally, we asked Torbjörn for his best advice on improving cybersecurity:

1. Backup and Recovery – Ensure you have robust backup solutions that are separate from your main system.
2. Zero Trust Strategy – Limit access rights and minimize the risk of intrusions.
3. Train Incident Response – Prepare for crises by simulating attacks.
4. Follow EU Regulations – New laws will affect everyone, especially companies in critical infrastructure.
5. Educate Employees – The human factor is one of the most important aspects of cybersecurity.

“We can’t predict all threats, but we can prepare. Cybersecurity is about continuously adapting,” Torbjörn concludes.

With that insight, we take away an important lesson: cybersecurity is not a one-time effort but an ongoing process that requires attention and adaptation in a constantly changing world.