This cyber security update will cover the top cyber-attacks that have overwhelmed businesses throughout 2022, which kind of companies are being targeted the most, why businesses are being targeted and the trends to look out for in 2023.
Common cyber security attacks
Cyber security attacks can pop up when you least expect it, and a cyber-attack can appear in many different forms. These were the top 3 cyber security attacks in 2022:
- The most common cyber-attack was carried out by exploiting a technology and communication mechanism that we use every day; email. Phishing emails are designed to obtain your personal information, typically something sensitive such as usernames, passwords, and bank details, to then be wrongfully used. This type of cyber-attack is typically carried out by impersonating a trusted source, as an example, a co-worker, a business service or online retail service. Once your information has been gathered, the attacker can take any number of next steps. As an example, your information could be sold on the dark web, or used to log in to your online services, gaining access to more sensitive information and extended the reach of the cyber-attack to your contacts.
- The second most common cyber-attack was a denial-of-service (abbreviated to DoS) attack. This type of attack aims to make a computer, a device, or an entire system unavailable. It is intended to disrupt the ability to use a system or service for its normal purpose. A denial of service attack is carried out by overwhelming the target computer or system causing it to be unable to process legitimate requests and causing disruption to your business. The characteristics of a denial of service attack is where an attack is carried out from a single machine. By contrast, a distributed denial of service (DDoS) attack is carried out by multiple machines targeting a computer, device or service.
- The least common cyber-attack in the top 3 – although still perceived as a high risk for businesses – is a Ransomware attack. As the name suggests, a Ransomware attack is designed to hold your business ransom. The technique often adopted in a Ransomware attack is to cause significant disruption to your business by encrypting your information, rendering it inaccessible. The cyber-attackers offer to un-encrypt the information for a fee. (We never recommend paying the ransom).
Cyber-attacks in 2022
Cyber criminals are getting bolder as the years go by and because of this they continue to test the limits and go for the larger companies also causing disruption to the public.
MediBank – October
Back in October, mysterious hackers claimed that they were responsible for a cyber-attack on MediBank (one of Australia’s largest private health insurance companies) and demanded ransom for the return of stolen data.
The hackers were able to gain access after credentials owned by an individual who had privileged access to Medibank’s internal systems were stolen and sold to them on the Dark Web by unknown persons. Suspicious activity was detected by Medibank’s security team, but the hackers had already gotten away with 200 GB of the customer data. Even though the legitimacy of the threat couldn’t be confirmed at the time, the hackers still threatened to sell the 200 GB of data, which belonged to 9.7 million of MediBank’s customers. While in negotiations with the hackers, MediBank refused to pay the ransom because they believe that criminals can’t be trusted to follow through with any promises.
(Edward Kost, “What Caused the Medibank Data Breach”, UpGuard, Dec 11, 2022). (“Lookout”, Mobile App, Nov 7, 2022).
Uber – September
In mid-September, Uber (one of the largest companies in the world) found out that they had been hacked by an unknown person who was able to gain access to their systems through an employee’s compromised Slack account. After the hacker announced that Slack and other data had been stolen, not everyone took the threat seriously.
Many employees thought the announcement was from another staff member and started to message the hacker openly mocking the situation, however once told that the threat was genuine, they ceased contact with the hacker. Even though the 18- year-old hacker has been arrested, the damage to the internal systems is irreversible and Uber now have to launch their own investigation into the breach.
Twitter – July
In July, a hacker that called themselves ‘Devil’ announced that they had stolen data that linked to 5.4 million of Twitter’s user accounts, which included email addresses and phone numbers. The hacker stated that they had exploited a vulnerability that was previously discovered back in January by the White Hat Hacker Zhirinovskiy and was apparently fixed.
The hackers created a list from the data they stole and sold it on twice before saying that “the data would likely be released for free in the future”. While Twitter says no passwords were compromised it will still encourage the use of 2FA (two-factor authentication) on customer accounts.
(Jovi Umawing, “Twitter data breach affects 5.4m users”, Malwarebytes LABS, Aug 8, 2022).
What to look out for in 2023
- Remote and hybrid working, and associated risks. It is a cultural shift for a lot of organisations and 2023 is the first year where many businesses are adopting this way of working by choice – i.e., no COVID or lock-downs to contend with, and a risk that businesses will become complacent. We can then focus on staff cyber security training.
- Ransomware and phishing attacks will be addressed more since the number of attacks are set to increase, because cyber-criminals are getting more creative, which places security teams under extra pressure. Holidays and periods of big sales like New Years are the perfect time for cyber-criminals to use these methods on their victims, as they may easily be swayed to buy what they think is on offer, or give up personal information if they are ‘notified’ that something like a payment ‘hasn’t gone through’.
- Companies are expected to be more open and honest to their customers about data leaks instead of trying to hide or downplay them. If a data leak or another situation occurs, companies will have to be very clear about how they are handling the situation and their plan to avoid future security breaches and cyber-attacks. This doesn’t just benefit their customers to be aware of things, it also benefits them in the long run. Other companies may want to do some work with another business but are put off because of the lack of security and communication. If they find a company to do business with that has great security plans in place, they will be more encouraged to work with them because they’ll know that their own business will be safe whilst working with them.
- If we could help it, there would be no errors at work but we’re all human and capable of making mistakes. Most human error occurs because of simple things like temporary lapse in concentration and honest mistakes, but in these moments a lot more damage can be done thank you think. A good example of how easy it is to fall victim to a security breach is in the morning or the end of the day when a colleague is tired and concentration is harder, they may be checking through their emails and fail to see the signs of a phishing or ransomware email before it is to late. Employee training will be increased significantly in 2023 because about 82% of data breaches in 2022 involved human error.
What can Matrix do for you?
Matrix only wants to see your business succeed in this new year and to help with that, we have the technology that can adapt, detect and respond to the latest cyber security threats and provide incident response and recovery.
We have also created Essential, Professional and Advanced cyber security solutions that will help secure and strengthen your IT systems and security, so you don’t have to wait until something happens. You can feel safe in the knowledge that your IT security is taken care of.
If you want to upgrade and strengthen your businesses IT security or think you have fallen victim of a cyber attack, don’t wait, contact us today via email or call us on 01329 888444.