Today, we release a list that no organization wants to be on. If you find yourself on this particular list, you probably have had a rough time and are likely still picking up the pieces. Today, we list the top five cyberattacks for the year 2022.
#5 – Medibank
One of the largest health insurers in Australia was hit with a devastating ransomware attack in October of 2022. On October 13, 2022, the company detected some suspicious activity only to find out a few days later that their whole system had been compromised. The malicious party attempted to negotiate a settlement with Medibank balking at that notion.
About a month later, the extent of the attack was announced by the insurer. 9.7 million prospective, past, and present customers had their information stolen. The information included personally identifiable information as well as confidential and financial information.
Shortly thereafter, the hacker released files containing data labeled “good-list” and “naughty-list” on the dark web. The “naughty-list” exposed personal treatment information about drug-related treatment, HIV, or mental health. They then published a file labeled “abortions” to a site backed by the Russian ransomware group REvil.
#4 – Lapsus$
A hacking collective called Lapsus$ made waves in 2022 by hacking some of the largest companies in the world including T-Mobile, Samsung, and Microsoft. They also were able to conduct a ransomware attack against the Brazilian Ministry of Health that compromised millions of COVID-19 vaccination records.
Other companies of note were infiltrated by Lapsus$, which are apparently a group of brash young people who use social engineering tactics to gain unauthorized access to their victims’ networks. Despite their perceived age, the gang seems to be experts in data exfiltration and has stolen proprietary information from Nvidia, Microsoft, and Samsung. Only time will tell how it plays out for the Lapsus$ group.
#3 – Ronin Network
In what is the largest cryptocurrency theft to date, hackers targeted the Ronin Network, an Axie Infinity property. It seems the North Korean hacking collective Lazarus pulled off a long con, by reaching out to Axie Infinity via LinkedIn on behalf of a fake company. After Axie Infinity employees took the bait and proceeded to conduct multiple rounds of job interviews that led to job offers and a compensation package, Lazarus hackers then used the official job PDF to compromise an engineer’s computer, and corrupt four of the nine nodes used to validate financial transactions on Sky Mavis’ Ronin blockchain.
This led to over $625 million dollars worth of Ethereum and USDC cryptocurrency changing hands. Sky Mavis, the game developer at the heart of the controversy which uses its proprietary in-game currency called the RON to fuel their ecosystems, has taken steps to raise money but the value of their RON has plummeted due to the breach.
#2 – Costa Rica
On May 8, the pro-Russian hacking group Conti perpetuated one of the largest ransomware attacks in history against Costa Rica that took down much of the government’s computing and stole a lot of financial data from the Ministry of Finance. The Conti group demanded a $10 million ransom to keep from exposing the financial data they stole, which presumably would have exposed the intricate financial details of Costa Rican citizens and businesses.
In response to the ransomware attack, the Costa Rican government headed by new President, Rodrigo Chavez Robles, sought help from cybersecurity professionals from the United States, Israel, and Spain, as well as Microsoft.
Then it got worse.
On May 31, the hacking collective Hive Ransomware Group commenced an attack that took over the nation’s Social Security system. With over 800 servers and over 9,000 endpoints corrupted, the government had no choice but to take the whole system offline for a bit. In any other year, this would have been the worst hack, but this year the worst cyberattacks were carried out by the Russian Federation in their border war against Ukraine
#1 – Ukraine
Starting in January, the Russian Federation carried out large-scale cyberattacks against Ukrainian targets as a prelude for the months and months of military action that followed. So while Russia has done a lot of their military work with missiles and troops; a lot has been done through virtual means.
In fact, there have been more than 2,000 different cyberattacks aimed at Ukrainian organizations in 2022. More than 300 of these were waged against security and defense organizations, including ransomware attacks aimed at the central defense ministry of the nation. More than 400 attacks were aimed at organizations that impact civilian life. These include commercial businesses, energy companies, telecommunications, and software development.
That’s before you consider that there are well over 1,000 separate hacks targeting the government and military of the sovereign nation. All-in-all, the Russian war effort against Ukraine has been made possible by Kremlin-backed hackers.
Your business needs to protect itself against cybercriminals and attackers from the web. If you would like to talk to one of our knowledgeable IT professionals about getting the security in place to protect your business’ assets, give us a call today at (831) 758-3636.