OBRELA’S LATEST DIGITAL UNIVERSE REPORT REVEALS SHARP RISE IN INTERNAL THREATS AND SECTOR-SPECIFIC CYBER ATTACKS
Obrela report draws on 15.63 petabytes of proprietary log data gather in 2024 from more than 520,000 endpoints globally
Obrela, a leading provider of cybersecurity services, has released its latest Digital Universe Report. This annual report, which is based on data gathered by Obrela throughout 2024, offers comprehensive insights into the most pressing cyber risks, with actionable insights for building smarter, more resilient digital operations. This year’s report has expanded its scope to cover more digital verticals, including retail/ecommerce, shipping, aviation and smart cities.
Drawing on 15.63 petabytes of proprietary log data from more than 520,000 endpoints globally, the report reveals striking trends in threat activity across sectors and regions, including a 25% increase in suspicious internal behaviour. With 39,241 confirmed cyber incidents recorded and analysed by Obrela’s Threat Intelligence team, the report reflects the scale of the current global cyber threat landscape and the growing need for tailored, intelligence-driven defences.
Financial services remain the most targeted industry, facing persistent attacks despite a reduction in overall threat volume. The retail and ecommerce sector also stands out for a spike in suspicious activity, accounting for 65% of its threat profile, driven by fraud and web-based attacks. The industrial sector faces a growing barrage of targeted campaigns and malware, which now make up 29% of all incidents observed in this area.
Another notable trend in 2024 was a marked growth in insider threats and lateral movement, attacks which are increasingly bypassing traditional perimeter defences.
Obrela’s threat detection systems reported a 14% increase in lateral movement activity and a 25% surge in suspicious internal actions, underlining that organizations must focus more on internal monitoring, access controls and employee cybersecurity awareness.
According to Iraklis Mathiopoulos, Chief of Services of Obrela, the figures show that cyber attackers are not just getting smarter, they’re also getting more specific: “Cybercrime today is strategic. Attackers are targeting organisations based on industry vulnerabilities, regional gaps and behavioural weak points,” he said, adding that: “Our 2024 report demonstrates that the old models of reactive cybersecurity are no longer enough. Enterprises need real-time visibility, contextual intelligence, and proactive defences designed around their unique risk landscape.”
Regionally, cybersecurity challenges vary widely. Southeastern Europe faced a spike in insider threats, which now represent 33% of its incident profile, while Central Europe struggled with a 50% rate of internal risk.
Northern Europe experienced the highest prevalence of web-based attacks, at 23%, while the Middle East and Asia reported sharp rises in targeted attacks, with 31% and 24% of their threat profile respectively comprising these hard-to-detect incursions.
In Africa, internal threats and targeted attacks were evenly matched at 21% each.
Meanwhile, the U.S. and broader Americas region continue to grapple with growing reconnaissance activity and rising malware infections.
On the global stage, Advanced Persistent Threat (APT) groups are operating with increased sophistication and geopolitical precision. Iranian, Russian, Chinese and North Korean APT groups were all tracked in the report, using methods ranging from spear-phishing and credential harvesting to zero-day exploits and DLL sideloading.
Obrela’s deep analysis connects these state-linked operations to specific regions and sectors, including critical infrastructure, telecommunications, defence and research.
The report also identifies a worrying evolution in ransomware and extortion threats. Groups like LockBit, Cl0p, and Black Basta continue to refine their tools, leveraging vulnerabilities such as Log4Shell and ConnectWise CVE-2024-1709 to infiltrate systems.
New actors, like FunkSec, were seen to be combining AI-powered automation with traditional cybercrime tactics, merging hacktivism with double extortion and DDoS capabilities. These developments suggest that modern ransomware has become a strategic, multifaceted business model.
Backed by data from 1.83 million alerts processed by its MDR platform, Obrela’s findings are a wake-up call for organizations operating in digitally mature or complex environments. From public administration to aerospace, smart cities to ecommerce, every sector now carries a distinct threat fingerprint.
“Our mission has always been to translate complex data into meaningful insight,” said Mathiopoulos. “This report reflects how we bring together threat intelligence, human expertise and AI-driven analysis to empower our clients. For Obrela, it’s not just about detecting threats, it’s about understanding them in context and responding with purpose.”
Obrela encourages security leaders, CISOs, and industry stakeholders to download and read the full, free 2024 Digital Universe Report, available now at this link
