The year 2022 has been turbulent. There has been global inflation, a massive rise in energy costs, and a dangerous rise in cybersecurity incidents.

We’re here to shed light on three of the worst cybersecurity incidents in 2022 and consider the implications these have for global cybersecurity practices.

1.   Ukraine Armed Conflict

One of the reasons many European governments have been investing in DDoS protection is due to Russian hackers’ cyber attacks. These have compromised critical infrastructure and network resources over the last few years.

Recently, some of the worst DDoS attacks have occurred in the Ukraine armed conflict, with Russian hackers targeting not only Ukrainian power grids but also banks and internet infrastructure. They have also executed other cyberattacks to affect the Ukrainian military and government administration systems.

In response, Ukraine has also unleashed numerous cyberattacks of its own, forming an IT Army that has been using a website listing Russian targets, causing data breaches and even service disruptions within Russia.

2.   Lapsus$ Cybercriminal Operations

This year, a cybercriminal group called Lapsus$ started to hack high-profile targets, including Samsung, Ubisoft, Nvidia, and even juggernaut Microsoft. Lapsus$ operations against these tech giants involved stealing data and then leaking it online. Different reports revealed that the cybercriminal group was named Lapsus$, which uses extortion as its modus operandi.

Apparently, Lapsus$ managed to access their victims’ data and information through phishing (sending a fraudulent message to the victim in hopes they reveal sensitive information to them). After that, they looked for the most compromising data and stole it, deploying no encrypted software in most cases.

The main difference between the Lapsus$ Group and many other cybercriminal organizations is that this one has been described as a loose collection of members.

Reports show that Nvidia may have hacked the group using the company’s offensive security experts to attack their machines. However, the counterattack was problematic due to legal implications, given that attacking machines tend to be compromised by third parties in most cases.

The most infamous aspect of the Lapsus$ chaotic spree was its social media posts that suggested the group didn’t execute these cyberattacks for the money but for kudos and popularity.

Lapsus$ used the social media platform Telegram, where the group published its operations and ran polls asking users to pick the compromised information Lapsus$ should publish.

Fortunately, the British police tracked the group through its Telegram publications and arrested seven of its most important members, including a 17-year-old and a 16-year-old. While this situation forced the group to halt its operations, it is still active.

3.   Ransomware Attack In Costa Rica

Russia-linked Conti has become one of the world’s most feared cybercriminal organizations, having targeted numerous high-profile businesses and organizations in the past few years.

The most notorious example occurred in April this year when Conti executed the worst cyberattack in Costa Rica after causing major disruption throughout the country’s financial operations.

The cybercriminal group attacked Costa Rica’s Ministry of Finance and crippled the nation’s import and export business. This situation forced the Costa Rican government to declare a national emergency, the first time in history that any government took this measure because of a ransomware attack.

Far from making Conti stop its cybercriminal operations in the country, the group executed a second attack a month later. This time, their main target was Costa Rica’s Social Security Fund, and the cyberattack it used was the so-called Hive ransomware.

Also read: 3 Tips To Protect Yourself Online

Final Thoughts

These cyberattacks targeted large organizations and even governments, leading to national headlines. What makes the headlines less frequently is the huge volume of cyberattacks that target small businesses every day.

It’s always worth updating your company’s infrastructure to stay safe!

Leave a Reply

Your email address will not be published

You cannot copy content of this page