Whether the first six months of 2022 seemed endless or fleeting, or both, massive hacks, data breaches, digital fraud, and ransomware attacks continued rapidly through the first half of this challenging year. With the Covid-19 pandemic, economic instability, geopolitical turmoil and fierce human rights disputes around the world, cybersecurity vulnerabilities and digital attacks have become deeply entangled in every aspect of life.
However, there are still six months left this year, and there is still more to come. Here are the biggest digital security fiascos that have happened so far.
For years, Russia has aggressively and recklessly carried out digital attacks against Ukraine, causing power outages, attempting to distort elections, stealing data, and releasing destructive malware that ran amok across the country and the world. However, since the invasion of Ukraine in February, the digital dynamic between the two countries has shifted as Russia struggles to support a large-scale and costly kinetic war and Ukraine fights back on every possible front. This means that although Russia continues to pummel Ukrainian institutions and infrastructure with cyberattacks, Ukraine has also retaliated with surprising success. Ukraine formed a volunteer “IT army” at the beginning of the war, which focused on organizing DDoS attacks and disruptive hacks against Russian institutions and services in order to cause as much chaos as possible. Hacktivists from around the world have also turned their attention, and digital firepower, to the conflict. And as Ukraine launches other types of hacker attacks against Russia, including attacks using special malware, Russia has suffered data leaks and service interruptions on an unprecedented scale.
The Lapsus$ digital ransomware gang went on an extreme hacking spree in the first months of 2022. The group emerged in December and began stealing source code and other valuable data from increasingly well-known and sensitive companies, including Nvidia, Samsung and Ubisoft, before leaking them in an apparent extortion effort. The spree reached its peak in March when the group announced that it had hacked and leaked parts of the Microsoft Bing and Cortana source code and compromised a contractor with access to the internal systems of the ubiquitous Okta authentication service. The attackers, who appeared to be based in the United Kingdom and South America, mainly relied on phishing attacks to gain access to their targets’ systems. British police arrested seven people believed to be linked to the group in late March and charged two in early April. Lapsus$ continued to operate for some time after the arrests, but then ceased operations.
In one of the most devastating ransomware attacks to date, Russia-linked cybercriminal group Conti brought Costa Rica to an abrupt halt in April, and the disruption continued for several months. The group’s attack on the country’s finance ministry paralyzed Costa Rica’s import-export business, resulting in losses of tens of millions of dollars a day. The attack was so severe that the President of Costa Rica declared a “national emergency” – the first country to do so because of a ransomware attack – and one security expert called Conti’s campaign “unprecedented.” A second attack in late May, this time against the Costa Rican Social Security Fund, was attributed to Conti-related HIVE ransomware and caused massive disruptions to the country’s healthcare system. While the Conti attack on Costa Rica is historic, some believe it was intended as a red herring while the gang tries to change its name to avoid sanctions against Russia over its war with Ukraine.
As the cryptocurrency ecosystem has evolved, tools and utilities for storing it, converting it, and managing it in other ways have evolved at breakneck speed. However, this rapid expansion has come with its share of omissions and errors. And cybercriminals have sought to capitalize on these pitfalls, often stealing vast troves of cryptocurrency worth tens or hundreds of millions of dollars. At the end of March, for example, the North Korean Lazarus Group memorably stole what at the time was $540 million in Ethereum and the USDC stablecoin from the popular Ronin blockchain “bridge.” Meanwhile, in February, intruders took advantage of a breach in the Wormhole bridge to grab what was then worth about $321 million in the Ethereum Wormhole variant. And in April, attackers targeted the Beanstalk stablecoin protocol, giving themselves an “emergency loan” to steal about $182 million worth of cryptocurrencies at the time.
Medical providers and hospitals have long been a favorite target of ransomware attackers, who seek to create maximum urgency to induce victims to pay in hopes of restoring their digital systems. But medical data leaks also continued into 2022 as criminals aggregate data they can monetize through identity theft and other forms of financial fraud. In June, Massachusetts-based provider Shields Health Care Group reported that it had suffered a data leak lasting most of March that affected about 2 million people in the United States. The stolen data included names, social security numbers, dates of birth, addresses, and billing information, as well as medical information such as diagnoses and medical records. In Texas, Baptist Health System and Resolute Health Hospital announced a similar breach in June that exposed similar data, including social security numbers and confidential medical information about patients. Both Kaiser Permanente and the Yuma Regional Medical Center in Arizona also disclosed data leaks in June.
In early June, the U.S. Cyber and Infrastructure Security Agency warned that Chinese government-backed hackers had broken into a range of sensitive targets around the world, including “major telecommunications companies.” According to CISA, they did this by targeting known router vulnerabilities and bugs in other networking equipment, including those made by Cisco and Fortinet, among other vendors. The warning does not name any specific victims, but hints at concern about the results and the need for organizations to strengthen their digital security, especially when dealing with huge amounts of sensitive user data. “The bulletin details the targeting and compromise of large telecommunications companies and network service providers,” writes CISA. “Over the past few years, a series of high-severity network device vulnerabilities have provided cyberattackers with the ability to routinely exploit and gain access to vulnerable infrastructure devices. In addition, these devices are often overlooked.”
Separately, hackers likely engaged in Chinese espionage hacked News Corp in an intrusion that the company discovered on January 20th. Attackers gained access to journalists’ emails and other documents as part of the hack. News Corp owns a number of prominent news outlets, including Wall Street Magazine and its parent company Dow Jones, the New York Post, and several publications in Australia.
Just days after the U.S. Supreme Court’s stringent ruling in late June regarding concealed carry permit laws, an unrelated data breach potentially exposed information about everyone who applied for a concealed carry permit in California between 2011 and 2021. The incident affected data including names, ages, addresses, and license types. The breach came after a misconfiguration on the California Department of Justice Firearms Control Panel Portal in 2022 exposed data that should not have been publicly available. “This unauthorized disclosure of personal information is unacceptable and falls far short of my expectations for this department,” State Attorney General Rob Bonta said in a statement. “The California Department of Justice is charged with protecting Californians and their data. We recognize that this can be stressful for those whose information has been disclosed. I am deeply concerned and outraged.”
Credit: www.wired.com