
The Worst Hacks and Breaches of 2022 So Far



Whether the first six months of 2022 have felt endless or fleeting, or both, massive hacks, data breaches, digital scams and ransomware attacks continued to spread rapidly throughout the first half of this complex year. As the Covid-19 pandemic, economic instability, geopolitical turmoil and bitter human rights disputes spread across the world, cybersecurity breaches and digital attacks have proven to be thoroughly integrated into every aspect of life.

However, with six months to go this year, there is still more to do. Here are the biggest digital security disasters to date.

For years, Russia has carried out reckless digital attacks on Ukraine, causing blackouts, trying to distort elections, stealing data, and releasing destructive malware that wreaked havoc across the country and the world. After the invasion of Ukraine in February, however, the digital dynamic between the two countries changed as Russia struggled to support a massive and costly kinetic war while Ukraine resisted on every front it could think of. This means that while Russia continues to strike Ukraine’s institutions and infrastructure with cyberattacks, Ukraine has also been fighting back with astonishing success. Ukraine formed a volunteer “IT army” at the start of the war, focused on launching DDoS attacks and destructive hacks against Russian institutions and services to cause as much chaos as possible. Hacktivists from around the world have also turned their attention and digital firepower to the conflict. Russia has suffered an unprecedented data breach and service disruption as Ukraine launched other types of hacking attacks against Russia, including those using custom malware.

Digital extortion gang Lapsus$ carried out an extreme hacking spree in the first few months of 2022. The group emerged in December and began stealing source code and other valuable data from increasingly well-known and sensitive companies, including Nvidia, Samsung, and Ubisoft, before leaking it in apparent extortion attempts. The spree peaked in March when the group announced that it had breached and leaked parts of Microsoft’s Bing and Cortana source code and compromised a contractor with access to systems inside the ubiquitous authentication service Okta. The attackers appear to be located in the UK and South America, relying primarily on phishing attacks to gain access to targeted systems. In late March, British police arrested seven people believed to be linked to the group and charged two in early April. Lapsus$ appeared to continue operating briefly after the arrests, but then went dormant.

In one of the most destructive ransomware attacks to date, the Russia-linked cybercriminal gang Conti brought Costa Rica to a screeching halt in April, a disruption that would last for months. The group’s attack on the country’s finance ministry crippled Costa Rica’s import and export operations, costing tens of millions of dollars a day. The attack was so severe that the president of Costa Rica declared a “national emergency” (the first country to do so due to a ransomware attack), and one security expert described Conti’s actions as “unprecedented.” A second attack in late May, which targeted Costa Rica’s social security fund, was attributed to the Conti-linked HIVE ransomware and caused widespread damage to the country’s healthcare system. While Conti’s attack on Costa Rica is historic, some see it as a distraction while the gang tries to rebrand to evade sanctions over Russia’s war with Ukraine.

As the cryptocurrency ecosystem has grown, the tools and utilities for storing, converting, and otherwise managing it have evolved at an astonishing rate. However, such rapid expansion has been accompanied by its share of oversights and mistakes. Cybercriminals have been eager to exploit these mistakes, often stealing large amounts of cryptocurrency worth tens or hundreds of millions of dollars. For example, in late March, North Korea’s Lazarus Group stole what was at the time $540 million worth of Ethereum and USDC stablecoin from the popular Ronin blockchain “bridge.” Meanwhile, in February, attackers exploited a flaw in the Wormhole bridge to grab Wormhole’s variant of Ethereum, which was worth about $321 million at the time. And in April, attackers targeted the stablecoin protocol Beanstalk, granting themselves a “flash loan” to steal cryptocurrency worth around $182 million at the time.

Healthcare providers and hospitals have long been favorite targets of ransomware attackers, who look to create maximum urgency to entice victims into paying in hopes of restoring their digital systems. But in 2022, healthcare data breaches have also continued as criminals pool data they can profit from through identity theft and other types of financial fraud. In June, Massachusetts-based service provider Shields Health Care Group disclosed that it had suffered a data breach for most of March that affected about 2 million people in the United States. The stolen data included names, Social Security numbers, dates of birth, addresses and billing information, as well as medical information such as diagnostics and medical record metrics. In Texas, Baptist Health System and Resolute Health Hospital announced similar breaches affecting their patients in June, exposing similar data, including Social Security numbers and sensitive patient medical information. Arizona’s Kaiser Permanente and Yuma Regional Medical Center also disclosed data breaches in June.

In early June, the US Cybersecurity and Infrastructure Security Agency (CISA) warned that Chinese state-backed hackers had compromised many sensitive victims around the world, including “major telecommunications companies.” According to CISA, they did so by exploiting known router vulnerabilities and bugs in other networking equipment, including devices made by Cisco and Fortinet, as well as other vendors. The warning didn’t identify any specific victims, but it hinted at concern about the findings and the need for organizations to beef up their digital defenses, especially when dealing with large volumes of sensitive user data. “The consultation details the goals and compromises of major telcos and network service providers,” CISA wrote. “Over the past few years, a series of high-severity vulnerabilities in network equipment have provided cyber actors with the ability to regularly exploit and gain access to vulnerable infrastructure devices. Additionally, these devices are often overlooked.”

Separately, hackers who may have been conducting Chinese espionage breached News Corp., which discovered the intrusion on January 20. As part of the intrusion, the attackers accessed journalists’ emails and other files. News Corp. owns a number of well-known news outlets, including The Wall Street Journal and its parent company Dow Jones, the New York Post, and several publications in Australia.

Just days after the U.S. Supreme Court issued its decision on concealed carry permit law in late June, an unrelated data breach potentially exposed information on everyone who applied for a concealed carry permit in California between 2011 and 2021. The incident affected data including names, ages, addresses and license types. The breach followed a misconfiguration of the California Department of Justice’s 2022 Firearms Dashboard portal, which exposed data that should not have been publicly accessible. “This unauthorized release of personal information is unacceptable and falls far short of my expectations for this department,” State Attorney General Rob Bonta said in a statement. “The California Department of Justice is entrusted with the protection of Californians and their data. We acknowledge that this can be stressful for those whose information is exposed. I am deeply disturbed and outraged.”




