While 2022 is not over yet, there is still a lot to look back on as we make our way closer and closer to 2023. It has been an eventful year with “the Covid-19 pandemic, economic instability, geopolitical unrest, and bitter human rights disputes grinding on around the world,” as Lily Hay Newman writes for Wired. While that all spells out quite a few problems, one of them has been risk to cybersecurity far and wide. In this piece, we will summarize some of the top breaches and threat actors to unfold over the course of 2022 demonstrating why investing in cybersecurity will serve as a major necessity in 2023.
Throughout the year, no industry was spared from a cyber breach. From critical infrastructure and healthcare to cryptocurrency, we learned that about every field and organization could be a potential target. A prominent source for incidents has been the conflict between Russia and Ukraine. Since invading Ukraine, Russia has continued to unleash cyberattacks on the country, which Ukraine has responded to with its own cyber warfare including DDoS attacks. Aside from Ukraine, Russia was also linked to a large-scale hacking of Costa Rica’s Ministry of Finance. As Wired explains, the breach led to massive disruptions to import/export businesses.
But it has not just been countries under ambush from threat actors. Companies such as Nvidia, Samsung and Ubisoft were the targets of Lapsus$, a digital extortion group known for stealing source code and other important data. In March, Lapsus$ even leaked information from Microsoft Bing and Cortana. Other companies that became prime interests of attackers in 2022 were crypto companies. Banking on the growing popularity of crypto, cybercriminals were able to seize millions of dollars through attacks such as the Ronin blockchain and Wormhole bridge hacks.
Another significant site for cyber cases has been the healthcare industry. One example that Wired points out is the Shields Health Care Group breach, which reportedly impacted nearly 2 million people. Compromised data included names, Social Security numbers, birth dates, addresses, billing information and medical records.
As these occurrences unfolded, it became more clear what types of cybersecurity threats were prominent in 2022. A “2022 Threat Mindset Survey” revealed that 66% of the people surveyed were more concerned about cyberattacks than ever before. The leading root of their concern was ransomware attacks followed by phishing attempts. Other rising issues included encrypted malware, fileless attacks and IoT malware. In fact, it has been estimated that “IoT devices experience an average of 5,200 cyberattacks per month,” according to a report for Spiceworks. Considering more and more industries are turning to connected devices and the number is expected to reach between 27 to over 50 billion, this is likely to climb on the list of concerns going forward.
Looking Beyond 2022
If there is one thing that 2022 has reinforced, it is that cybersecurity is fundamental no matter what sector or field your organization or company operates in. So, as we re-visit the events and threats to appear over the year, we can get a sense of what will need to be prioritized in 2023.
Along with IoT security, Forbes recently highlighted some other trends worth keeping an eye on and investing resources in. For one, it is probable that companies will have to continue addressing the cybersecurity challenges that come with remote work. Meanwhile, companies and NGOs alike will need to remain mindful of nation-state activity. Another growing focal area will be expanding artificial intelligence adoption. Not only can AI serve as a cybersecurity solution due to its ability to track data and networks, but it can also be weaponized by hackers.
“The Worst Hacks and Breaches of 2022 So Far” – Lily Hay Newman, Wired
- A prominent source for cyber incidents in 2022 has been the conflict between Russia and Ukraine.
- Russia was also linked to a large-scale hacking of Costa Rica’s Ministry of Finance.
- Other cyberattacks in 2022 included hacks on crypto companies, Microsoft Bing, and Shields Health Care Group.
“Top Cybersecurity Threats in 2022 That Businesses Are Worried About” – Mary Ann Richardson, Spiceworks
- A “2022 Threat Mindset Survey” revealed that 66% of the people surveyed were more concerned about cyberattacks than ever before.
- The number one concern was ransomware attacks followed by phishing attempts.
- Other rising issues included encrypted malware, fileless attacks and IoT malware.
“The Top Five Cybersecurity Trends In 2023” – Bernard Marr, Forbes
- Looking to 2023, companies will have to continue addressing the cybersecurity challenges that come with remote work.
- Meanwhile, companies and NGOs alike will need to remain mindful of nation-state activity.
- AI will also likely rise as a both a cybersecurity solution and weapon.