Today, we are talking about some of the worst hacks of 2022. I don't know about you, but the past few months of 2022 have been a whirl wind. Whether the first half of 2022 has felt endless, fleeting... or both, we can all agree it’s been a lot. On top of everything, massive hacks, data breaches, digital espionage and ransomware have persisted through it all.
Cybersecurity attacks are still growing even with the pandemics end, economic instability and human rights conflicts sweeping the globe.
In the past few months, we've seen the biggest breaches in online security to ever happen.
Let's get into it.
Russia and Ukraine Hacking Feud:
It's known that Russia has been mounting aggressive and careless cyberattacks on Ukraine for years.
These attacks have resulted in blackouts, attempted election rigging, data theft, and the release of malicious software that spread throughout the nation and the whole world.
But since Russia invaded Ukraine in February, the two nations' digital relationship has shifted. Ukraine mounts opposition on all possible fronts while Russia struggles to sustain a significant and expensive war.
As a result, Ukraine has been able to successfully hack back. Even while Russia continues to bombard Ukrainian institutions and infrastructure with cyberattacks.
At the start of the conflict, Ukraine established a volunteer "IT Army" that has concentrated on launching DDoS assaults and disruptive cyberattacks on Russian institutions and services in order to create as much havoc as possible.
The battle has attracted the attention and digital firepower of hacktivists from all around the world.
A record number of data breaches and service interruptions have occurred in Russia as a result of various hacking attempts by Ukraine, including ones that use proprietary malware.
Lapsus$ Group's Extortion Spree
In the first quarter of 2022, the infamous cyberterrorist group Lapsus$ went on an extraordinary hacking spree we have to talk about.
The organization first appeared in December 2021 and started collecting sensitive and well-known businesses' source code. These names include that of Nvidia, Samsung, and Ubisoft.
The frenzy peaked in March when the gang said that it had compromised a contractor with access to the internal systems of the widely used authentication provider Okta. Exposing sections of the source code for Microsoft Bing and Cortana.
The attackers, who looked to have bases in South America and the United Kingdom, mostly used phishing attempts to infiltrate the targets' networks.
British police detained seven individuals alleged to have ties to the organization at the end of March, two of them were charged. After the arrests, Lapsus$ appeared to momentarily keep running before going inactive.
Costa Rica is hampered by Conti
The cybercrime group Conti, launched one of the most destructive ransomware attacks on Costa Rica in April.
Conti's attack on the nation's Ministry of Finance incurred tens of millions of dollars in losses per day. Rendering Costa Rica's import/export operations inoperable.
The ransomware attack was so severe that Costa Rica's president declared it a "national emergency"—the first nation to do so—and a security expert referred to Conti's operation as "unprecedented."
The HIVE ransomware with connections to Conti to blame for a second assault in late May. That time targeting the Costa Rican Social Security Fund and severely disrupted the nation's healthcare system.
Although the attack by Conti on Costa Rica is grand, others think it was only a distraction while the gang tried to change its image in order to avoid sanctions against Russia because of its conflict with Ukraine.
Hacks on Decentralized Fintech Platforms
Tools and services for storing, converting, and managing cryptocurrencies have accelerated in development as the ecosystem has grown.
However, such quick development has not been without its share of errors and blunders.
Cybercriminals are quick to take advantage of these oversights. They'll routinely stealing enormous amounts of bitcoin valued at tens of millions of dollars or more.
For instance, the Lazarus Group of North Korea infamously stole Ethereum and USDC stablecoin valued at $540 million from the well-known Ronin blockchain "bridge" at the end of March.
Meanwhile, in February, hackers used a weakness in the Wormhole bridge to steal the Ethereum-based version of Wormhole, which was then valued roughly $321 million.
Assailants also attacked the Beanstalk stablecoin protocol, using a "flash loan" to steal bitcoin valued at around $182 million at the time.
Health Care Provider Data Theft
Ransomware perpetrators have long made hospitals and health care providers some of their top targets.
However, healthcare data breaches still persist in 2022 as hackers gather information through identity theft and other financial crimes.
The Massachusetts-based service provider Shields Health Care Group said that it faced a data breach in March. One that affected almost 2 million customers in the country.
Names, Social Security numbers, birth dates, locations, billing information, and medical data such as diagnoses were among the stolen data.
Baptist Health System and Resolute Health Hospital patients in Texas reported a similar data breach in June. Exposing comparable information, including Social Security numbers and private patient medical information.
Data breaches were also discovered by Arizona's Yuma Regional Medical Center and Kaiser Permanente.
Chinese Hackers Breach Telecoms and More
The US Cybersecurity and Infrastructure Security Agency issued a warning at the beginning of June stating that hackers sponsored by the Chinese government had compromised a number of critical targets globally, including "major telecoms corporations."
According to CISA, they achieved this by concentrating on known router flaws and flaws in other network hardware. Including products from suppliers like Cisco and Fortinet.
The warning did not name victims, but it alluded to anxiety over the results. Insinuating the necessity for enterprises to strengthen their digital defenses. Particularly when managing substantial amounts of sensitive user data.
CISA claiming the targeting and breaching of significant telecommunications corporations and network service providers.
Cyber criminals have had the capacity to frequently exploit and obtain access to insecure infrastructure equipment over the past few years thanks to a number of high-severity vulnerabilities for network devices.
Additionally, people frequently ignore these devices.
Separately, News Corp was infiltrated by hackers who were probably carrying out Chinese espionage.
As part of the compromise, attackers gained access to documents and emails belonging to a number of journalists.
News Corp owns The Wall Street Journal, Dow Jones, the New York Post, and a number of other magazines.
Take Cybersecurity Into Your Own Hands
With the rest of 2022 to look forward to, it's important we stay productive when it comes to cybersecurity awareness. These hacks, although major, act as a learning opportunity, even to the biggest corporations. Everyone has to take cybersecurity seriously.
Hopefully we've already seen the worst of it.
Check out our recent YouTube video talking about A Major Data Data Breach on Elden Ring Publisher.
If you'd like to know more what you can do to take cybersecurity into your own hands, feel free to book a time to chat with us via the Calendly link below. I'd be happy to discuss ways to optimize your company's IT.
Click here to schedule a free 15-minute meeting with Stan Kats, our Founder and Chief Technologist.
STG IT Consulting Group proudly provides IT Service for Small to Medium Businesses in Greater Los Angeles. We'd love to see if we can help you too!