Top 3 Cyber Attacks and Data Breaches of 2022

Top 3 Cyber Attacks and Data Breaches of 2022

From government bodies to tech giants, no one is immune to cybersecurity threats!

It is hard to imagine our lives without the internet nowadays. Whether we need directions, want to listen to music or just want to socialize with friends, the internet makes all of it happen. Just like us, businesses today also heavily rely on the internet. 

This reliance on the internet is a double-edged sword. On the one hand, the internet makes your life simple; on the other, it leaves you vulnerable to cybersecurity threats. According to the Sonic Mid-Year Cyber Threat Report of 2022, there have been 2.8 billion malware attacks so far this year, up by 11% when compared to 2021. To give you a sense of what these attacks look like, we have compiled a list of the top three cyberattacks and data breaches that the world has experienced in 2022. 

Costa Rica Government

In April this year, the finance ministry of the Costa Rican government was overtaken by hackers. These hackers took control of the ministry’s computer systems and demanded US$10 million to return access back to the government. When the government refused, the hackers took down around 30 government agencies. The attack, conducted by the Russian ransomware group Conti, left tax systems in the country frozen, adversely affected exports and delayed payments to workers. By May, Conti had leaked 97% of all the data that it had obtained from its hack. The situation got so out of hand that the government ended up declaring a national emergency.

Unfortunately for the Costa Rican government, this wasn’t the last cyber-attack they saw this year. In June, the Hive ransomware group set its sights on the country, demanding US$5 million in Bitcoin to return access to the country’s social security system. As a result of the attack, the government was no longer able to accurately report COVID-19 results.

The LAPSUS$ Group breaches

In February this year, one of the world’s largest Graphics Processing Unit (GPU) manufacturers, Nvidia, was hacked by the cybercriminal group LAPSUS$. As a result of this hack, crucial information, such as passwords, schematics and drivers, were leaked. The group threatened to leak further information unless Nvidia agreed to remove the crypto mining limiters it had on its graphics cards and also to make their drivers open source. 

This was the first of many data breaches the LAPSUS$ group embarked on this year. The hackers also released the source code for Microsoft’s projects, including Bing, Bing Maps and Cortana, in March. It also attacked other companies, like Ubisoft, Okta and T-Mobile, to name a few. Experts say that the group used IT or customer support vulnerabilities to break through its target company’s defenses and, in some cases, also bought login credentials from the dark web. So far, the only update on these breaches is the arrest of seven teenagers (who were allegedly involved in the aforementioned hacking incidents) in the U.K. The LAPSUS$ group claims that none of its team members have been compromised. 

Akasa Air’s data breach

India’s newest commercial airline, Akasa Air, ended up exposing the personal data of 34,533 customers because of a technical glitch on August 7 this year, the same day it began operations. The issue was first noticed by cybersecurity researcher Ashutosh Barot. He reached out to Akasa Air via Twitter but didn’t receive any official email address to report the issue on. It was only after Barot informed TechCrunch about the leak that the company sprung to action.

Barot found that the airline’s account registration process gave unauthorized people access to customer details, such as their names, gender, email addresses and phone numbers. Luckily, the travel information and payment records of the customers weren’t exposed in the data leak. This wasn’t an external hack, and as soon as the airline found out about the glitch, it shut down the sign-up service. 

What can we learn from these incidents?

If there is anything we need to take away from these recent cyber-attacks, it is that having a strong cybersecurity defense is the need of the hour. The Costa Rican government attack gives us an invaluable lesson on being prepared. While it may seem surprising that hackers could get into a country’s database, it tells us that we need to conduct regular security checks on our networks to make sure that everything is in order. Similarly, the LAPSUS$ Group’s multiple cyber-attacks tell us that while some attackers might not be very sophisticated, they can still break into a company’s system if the employees are not trained on what sort of malicious attacks they should look out for. Finally, the last entry on this list, Akasa Air, tells us to act promptly in any situation. Even the slightest delay in cases of a data breach can adversely affect your company’s public image so make sure you take these threats seriously.

Just last year, U.S. President Joe Biden discussed how cyber-attacks can turn into wars and how the capabilities of hackers are getting better and better over time. If businesses and governments do not give due diligence on cybersecurity, chances are that President Biden’s words would come true sooner rather than later. 

Also read:

Header image courtesy of Freepik

SHARE THIS STORY

Share on facebook
Share on twitter
Share on linkedin
Share on email

RELATED POSTS

Step Into Tomorrow: Explore the Wonders of InnoEX 2024 in Hong Kong

In the bustling city of Hong Kong, where over seven million people reside, the call for smarter, more livable cities is louder than ever. This April, the Hong Kong Trade Development Council (HKTDC) steps up to answer that call with the InnoEX and the landmark 20th edition of the HKTDC Hong Kong Electronics Fair (Spring Edition) (EFSE). Backed by the visionary efforts of the HKSAR Government Innovation, Technology and Industry Bureau and the HKTDC, these tech expos are set to feature the latest and greatest innovation from over 3000 exhibitors from more than 20 nations and regions. 

Cloud Software Group and Microsoft Forge Strategic Cloud and AI Partnership

Cloud Software Group Inc. and Microsoft Corp. have announced an expansion of their long-standing collaboration through an eight-year strategic partnership. This partnership aims to strengthen the go-to-market collaboration for the Citrix virtual application and desktop platform and facilitate the development of new cloud and AI solutions. As part of the agreement, Cloud Software Group will commit US$1.65 billion to Microsoft’s cloud services and generative AI capabilities.

The Best 4 Hardware Crypto Wallets of 2024

After a long crypto winter since the spring of 2022, the crypto world has been buzzing with activity recently. In January, the U.S. saw the approval of Bitcoin ETFs; on March 14, Bitcoin’s price soared to an all-time high of US$73,835—obviously, there is an upsurge in interest in the crypto market. 

SUNRATE Empowers B2B Transactions with Apple Pay Integration

SUNRATE, a global payment and treasury management platform for businesses, announced the integration of Apple Pay for its customers, offering a safer and more private payment method. This move leverages the advanced security features of the iPhone to protect transactions and aligns with the growing demand for seamless and secure business transactions.