2022’s Cyber Security Review

It’s safe to say 2022 has been an eventful year for the cyber security industry.

From government shutdowns to multimillion dollar data breaches, 2022 has seen some of the biggest cyberattacks ever.

In our latest blog, we look back over the year at the most prominent attacks and major trends from 2022.

Cyber security landscape

Key statistics from 2022:

  • 30,000 websites were hacked daily around the world

  • The UK experienced the highest number of cyberattacks per internet user of any country

  • 39% of UK businesses identified a cyberattack of some kind

  • Of those businesses who did identify an attack, 49% experienced at least one per month

  • 83% of attacks in the UK were phishing attacks

Notable cyberattacks across the world

  1. Conti ransomware attack on the Costa Rican Government

  2. Lapsus$ Group’s attacks on Nvidia, Ubisoft, Samsung and Microsoft

  3. LockBit 3.0 ransomware attack on the NHS

  4. Medibank data breach

  5. Crypto.com breach and crypto theft

  6. Uber data breach

The biggest trends of 2022

Social engineering – the most popular form of attack

Phishing attacks were the most popular and effective vector of infection in UK businesses this year. Over the last 12 months 83% of businesses and 87% of charities in the UK have experienced this kind of attack.

It comes as little surprise that phishing is such an effective method of attack considering email remains the largest surface of attack. 94% of malware is delivered this way and without effective staff training, it can be easy to fall victim to an attack.

Remote working vulnerabilities

The issue of protecting remote workers’ devices became critical during the pandemic and has remained a security threat since. The number of people who work remotely in the UK has doubled since before the pandemic with many relying on their own devices to access company data and sensitive information.

Throughout 2022, cyber criminals targeted remote workers by exploiting their security vulnerabilities, unsecured networks and lack of training to gain access to devices and systems.

The rise of ransomware

Ransomware has plagued almost every industry in 2022 and there is no doubt this will continue into 2023.

The number of ransomware attacks has risen year on year since this kind of malware first rose to prominence and the trend certainly carried on throughout 2022. This year, many of the most high-profile cyber-attacks were caused by ransomware. High profile attacks in the UK have targeted the healthcare, transport and education industries particularly.

The expansion of the Internet of Things

The Internet of Things is made up if interconnected devices including laptops, tablets, smart devices, mobiles and manufacturing equipment. Between 2021 and 2025, it is estimated that the number of smart devices will double creating an even larger network of access points.

IoT devices can be really valuable to consumers and businesses – they have access to enormous amounts of data and can easily streamline business processes. However, they are easily corruptible and are constantly exposed to cyber-attacks like DoS. Once controlled by hackers, the devices can overwhelm networks or gain access to data on your personal devices. As the IoT continues to expand it is likely we will see an increase in attacks of this nature going forward.

Healthcare continues to be a target

Just like in so many other industries, the threat level in healthcare has skyrocketed. With so much personal data at stake, healthcare has become an obvious target for cybercriminals. According to Kroll, the number of cyberattacks on healthcare organisations rose by 90% between April and June compared to the beginning of 2022.

An increase in use of personal devices and the huge number of endpoints has exposed clear vulnerabilities to hackers and they have been a major target for 2022.

To receive all our latest updates follow us on LinkedIn, Facebook and Twitter.

Previous
Previous

Cyber Security Predictions for 2023

Next
Next

Everything you need to know about DDoS attacks