Looking Back at 2022’s Major Cyber Attacks

As we consider how important it is to keep cybersecurity systems updated and properly maintained, in our personal lives as well as our businesses, I’d like to take some time to review last year’s major cyberattacks and the impact they made. Tracking developments in cybersecurity gives us an opportunity to consider how data breaches and hacker activity may continue to evolve so that we can prepare future defenses.

Cyberattacks Between Russia and Ukraine 
Russia has been launching countless cyberattacks against Ukraine for years, resulting in blackouts, election threats, data breaches, and more catastrophic damage. This year, after invading Ukraine, Russia has continued to attack the country through digital means. However, Ukraine has also begun to mount its own digital assault in retaliation. A volunteer “IT Army” from Ukraine has been running a successful hacking campaign against Russia, using malware to cause data breaches and major disruptions.

Successful Phishing Scams by the Lapsus$ Group
After first becoming active in December of 2021, hackers from the Lapsus$ group began carrying out devastating attacks in early 2022. They primarily focused on using phishing schemes to steal source code and other data from prominent companies including Nvidia, Samsung, and Ubisoft, which they then leaked. Their attacks peaked with a breach of Microsoft Bing and Cortana source code before arrests were made in March. Following seven arrests and two formal charges, the group has quieted down once again.

Conti’s Historic Attacks on Costa Rica
Conti, a Russia-linked digital gang, launched a historically massive cyberattack against Costa Rica in April that spanned months. Their attack on Costa Rica’s Ministry of Finance resulted in a complete disruption of the country’s imports and exports, not only causing devastating financial losses but also driving the country’s president to declare a national emergency. This was the first instance of a ransomware attack causing a country to announce this type of emergency. Conti then launched a second attack in May on the Costa Rican Social Security Fund that caused major disruptions to the country’s health care system.

Cryptocurrency Cybersecurity Flaws
As cryptocurrency continues to evolve, the fast-moving changes have revealed vulnerabilities that various hackers have begun to take advantage of. The windows of opportunity they have found have led to a variety of attacks, often ending in the loss of cryptocurrency worth tens to hundreds of millions of dollars. In one instance in February, attackers used a security flaw in the Wormhole bridge to steal $321 million. In March, North Korea’s Lazarus group launched an attack that ended in the theft of $540 million worth from the Ronin bridge. Then again in April, a cyberattack gave hackers the opportunity to steal $182 million worth of cryptocurrency.

Data Breaches in Health Care
In June, Massachusetts-based Shields Health Care Group suffered a massive data breach that leaked information impacting about 2 million people in the United States. This data included names, Social Security numbers, birth dates, addresses, billing information, and medical information, all sensitive data that could lead to identity theft or financial fraud. Then in June, Baptist Health System and Resolute Health Hospital in Texas had a similar breach, exposing Social Security numbers and patient medical information. That same month, Kaiser Permanente and Yuma Regional Medical Center in Arizona also disclosed data breaches.

Hackers in U.S. Telecommunications
This past June, Chinese hackers breached major telecommunications companies within the U.S. by targeting vulnerabilities in their routers and other network equipment. While no victims were publicly disclosed, the findings were cause for alarm, and these entities were warned to improve their cybersecurity measures. News Corp had previously discovered a breach in January in which Chinese attackers accessed journalists’ emails and other data. Because News Corp owns several major news outlets, this data breach impacted The Wall Street Journal, Dow Jones, the New York Post, and more outlets in Australia.

As these cyber threats continue to evolve, it’s important that they be tracked so that effective enforcement and regulation can be considered and so that we can stay a step ahead in our defenses. When evaluating the cybersecurity measures that protect us in our business and our daily lives, we should expect that attacks similar to these, and those branching out from here, will continue. In this instance, knowledge is power.
