Your consultant of the future
As the war continues, Western countries and their corporations doing business in Ukraine seem, so far, to have escaped largely unscathed, some experts say the possibility of an attack remains.
Meanwhile, advocates of all kinds of computer systems have continued to face the risk of ransomware, which is affecting U. S. schools. In addition to more classic objectives such as critical infrastructure. And they fought persistent disruptions resulting from a vulnerability in widely used open-source software and cyberattacks. aimed at stealing knowledge for profit.
Here’s a quick look at the top cybersecurity news of 2022:
Almost 10 months after it began, the war in Ukraine shows no sign of ending. Observers say Ukraine has fought back admirably, both numerically and physically.
Before the invasion, analysts had warned that cyber warfare would be one of Russia’s favorite tactics. Potential targets come with Ukraine’s network of forces and critical infrastructure. And such attacks can target only allies and other countries as well, they said.
After all, Russia has already done so. The NotPetya attack, blamed on Russia, crippled computers in Ukraine in 2017. The malware, which also spread to accidental targets far from Ukraine, locked files in a similar way to ransomware. However, when experts took a closer look, they discovered that their genuine purpose was to destroy knowledge than to make money.
That’s not to say that cyberattacks haven’t been implemented. For example, knowledge erasure malware introduced through Russia crippled the Ukrainian military’s communication capacity in the early days of the invasion. But the Ukrainians recovered quite quickly.
Cyber Armageddon, however, did not break out. Instead, Russia has opted for kinetic warfare, recently attacking critical infrastructure and leaving millions of Ukrainians without normal access to heat, electricity and water. As the first anniversary of the invasion approaches, it remains to be seen whether that will change.
The federal government has made strengthening critical infrastructure cybersecurity a priority this year, following the 2021 ransomware attacks on Colonial Pipeline and JBS USA.
These attacks, which sparked shutdowns and sparked panic buying among consumers, showed precisely what kind of widespread chaos a well-targeted ransomware attack can cause.
Despite the heightened awareness, the attacks have not stopped. According to cybersecurity firm Kaspersky, the proportion of its users attacked through targeted ransomware has nearly doubled in the first 10 months of this year, to the same era in 2021.
Organized gangs and other cybercriminals have also resorted to new, smaller and less apparent targets, adding districts, large and small.
The Los Angeles Unified School District attacked ransomware over Labor Day weekend. He was not forced to cancel the school, but later revealed that cybercriminals escaped with unspecified information from the district and published it.
Ransomware attacks also shut down in Albuquerque, New Mexico, in January and in two other Michigan counties in November.
Although technically discovered in the final weeks of 2021, the Log4j software bug has forced security professionals to struggle for much of the past year. It also reduced the amount of software built from open source components.
If left unpatched or otherwise unpatched, the primary security vulnerability discovered in the Apache Log4j Java log library poses a threat to large swathes of the Internet. The vulnerability in widely used software can be exploited by cyber attackers to take control of computer servers. , potentially exposing everything from customer electronics to government and corporate systems to a cyberattack threat.
At the time of her discovery, Cybersecurity and Infrastructure Security Agency Director Jen Easterly said the scope of the vulnerability, which affected tens of millions of internet-connected devices, made it the worst she had noticed in her career.
Most companies have the problem constantly, but experts say attackers are still trying to exploit the vulnerability.
Cybercriminals looking to break into systems and seek out business loans or know-your-customer have not budged this year. There is no shortage of knowledge leaks.
Breaches at Uber, Microsoft, News Corp. and LastPass made headlines this year.
According to the third quarter report of the Identity Theft Resource Center, in the first nine months of this year, there were 1291 data breaches, affecting approximately 166. 8 million people. totals of 1,862 commitments and 298. 2 million people.
As in previous years, most of the compromises with known reasons came from cyberattacks involving some phishing or commercial email compromise, the outlet said.