Cyber-attacks are showing no sign of slowing down. In this blog we are going to look at the top 5 most damaging cyber-attacks of 2022.
Russia vs Ukraine war
Organisations that usually have no involvement in war have involved themselves in the Ukraine-Russia war! Throughout 2022, Ukraine’s internet security was severely tested by relentless cyber-attacks from various hackers.
Ukraine had to deal with a Russian-affiliated hacker group targeting over 1,500 government, public and private entities! It had to fend off hacking attacks on telecom operators and service providers, avoid phishing attacks aimed at government agencies, and even dig for malware and translation software that seemed completely innocent. These were just a fraction of the 200+ separate incidents of Russia hacking Ukraine throughout the war. Ukraine decided to retaliate with its own cyber-attacks, with a powerful ally joining its side: Anonymous, who issued a statement to Russia that they were bringing their own war against them.
Russia suffered heavy blows from the hackers, who managed to infiltrate Russian Sberbank and leak a lot of sensitive data. At the same time, other cyber-criminals were sowing chaos in Russian infrastructure for some time via data leaks, DDoS attacks and taking advantage of people’s fear of mobilisation. Some large IT organisations lost employee data due to smart phishing attacks promising mobilisation delays. One hacker collective even managed to cause an explosion at a hydropower plant, causing massive economic damage. Russia was hit by 150+ attacks, with the cyber-war showing no signs of slowing down at the time this information was collected (January 2023).
Costa Rican government hacked by Conti
The government of Costa Rica suffered horrific damage from pro-Russian cyber-criminals through a breach of the Ministry of Finance. In April 2022, a ransomware gang known by the name of their software, Conti, launched a devastating attack and successfully accessed the government’s network. Conti ransomware affected over 1 terabyte of sensitive data, with the majority of the government’s backups encrypted for ransom. The hackers demanded up to $20 million in return for releasing the data. However, the damage Conti caused cost Costa Rica much more than that by paralysing its foreign trade and tax platforms and taking the country’s entire treasury offline, causing massive civilian unrest on top of financial losses.
The newly elected president, Rodrigo Chaves, took the reins on May 8th 2022, and his first order of business was a national emergency decree on cyber-security. Costa Rica ended up not paying any of the ransom to Conti. The last system to come back online was reactivated on 24th June 2022.
Crypto.com suffers $35 million hack attack
Over 500 Crypto.com users were hacked, and through the breached accounts the hackers managed to steal crypto-currencies worth somewhere between $34 and $35 million. Usually it would be impossible for someone to initiate a trade through Crypto.com without possessing a two-factor authenticator. However, hackers managed to somehow disable or bypass this security measure. The Crypto.com hacker was never caught!
Crypto.com took this seriously. They introduced new security measures with multifactor authentication, refunded monies lost to the hack and started a fund restoration policy of up to $250,000 for future victims of hacking.
Microsoft was hacked by a 16-year-old in March 2022! The hacker managed to breach a corporate account of a single Microsoft employee, gaining access to the incomplete source code of Bing, Bing Maps and Cortana. Only due to the fast response of the Microsoft personnel was the scope of the attack reduced. The hacker must not have been too experienced, or at the very least got sloppy, leaving enough evidence behind to get tracked down.
Later down the line, the hacker’s identity got leaked by a competitor hacker gang, revealing him to be a citizen of Oxford, England. Even though the damage done by the hacker was not too severe, with Microsoft admitting they do not put too much emphasis on the secrecy of their source code, this raised a potentially scary security question: if compromising a single employee’s privacy is so easy a teenager can do it, what if Microsoft was faced with an all-out breach by much more sophisticated hacker groups? This did not fill Microsoft clients with hope.
Nvidia hacked by Lapsus$ hacker gang
Nvidia also suffered at the hands of the Lapsus$ hacker gang almost a month before the Microsoft hack. This time, however, the attack was much more structured and planned. The hack had a direct attack plan that had to do with the crypto mining limiter on the Nvidia RTX 3000 series graphics cards. Lapsus$ hated the change enough to breach the servers of Nvidia on February 25th 2022, stealing trade secrets, GPU chipset files and more, all in over one terabyte’s worth of confidential information.
Lapsus$ threatened to leak all of the stolen data unless Nvidia promised to remove the mining limiters and make all future GPU drivers open source. Nvidia did not comply with the demands of Lapsus$, and the gang soon got a taste of their own medicine as Nvidia allegedly got Lapsus$ hacked back, encrypting the stolen files with ransomware! Nvidia’s files were eventually leaked, including the personal details of over 70,000 employees.