It’s no secret that cyber crime has grown tremendously over the past few years. Unfortunately, malicious actors have taken advantage of (and sometimes caused) social upheavals around Covid-19, elections, economic instability, and war. Throughout all of these challenges people have spent a lot of time online, and a lot of business has been done there too—it’s a great resource for connection and flexibility, but it also creates more vulnerability to cyber attacks. And hackers have all kinds of reasons to cause havoc. Here are some examples of cyber attacks in 2022 and the motives they revolved around.
Clearly, cyber crime is very often financial. Ransomware is one common method of attack for financial gain, since holding stolen data for ransom can be a lucrative affair. And as money practices evolve, cyber criminals continue to chase new methods for attaining funds.
Although cryptocurrency is relatively safe by nature of its blockchain foundation, which cements its records in an immutable ledger, hackers can still find ways to work with it. They take the avenues of fraud and identity theft, or scams that trick people into sending cryptocurrency just like regular money scams. At the beginning of 2022, cyber attackers were also able to circumvent the two-factor authentication at Crypto.com and steal over $30 million in cryptocurrency.
There’s plenty of desire to gain access to information for purposes of spying too, which can be even more frightening than money theft. Espionage is estimated to motivate around 10% of all cyber attacks—but its goals go far beyond making some quick cash. The clearest efforts in this realm come from Russian groups such as SEABORGIUM that attempt to gain access to critical information of value to the Russian state. Individuals who’ve been prosecuted in the past for spying on the U.S. have come from China, Iran and North Korea as well.
Control of Information
News sources are sometimes the target of malicious actors seeking to distort or limit the spread of information. News Corp, one of the largest news organizations in the world, was breached in February 2022, as it was a couple years before, with journalists’ emails being stolen. The world’s largest online news distributor, PressReader, was attacked in March 2022 and kept readers from accessing news from over 7,000 news sources for three days.
Another big and consequential motive for attacking online networks is to destabilize systems that are crucial to a society, disrupting critical infrastructure. After the German energy giant Marquard & Bahls was attacked in early 2022 (similar to the Colonial Pipeline attack in the U.S. the year before), 200 gas stations in Germany stopped and struggled to get running again. That attack was apparently done by a Russian group that has targeted oil pipelines in the past. With today’s global circumstances, we can expect to see more of these kinds of disruptions.
Politics and Warfare
In the worst contexts, these moves are done for political reasons or as elements of war strategy. When Russian forces invaded Ukraine in February 2022, they sent wiper malware to government and financial institutions there before entering with their tanks. Since then, multiple Kremlin-based hacking groups have continued to carry out hundreds of attacks against Ukrainian targets, sometimes in coordination with physical strikes. Russia’s strategy has often been to weaken the target with digital attacks as well as disinformation campaigns in order to easier conquer and control areas.
In many cases, multiple motives drive cyber attacks that occur—especially large ones. Supply chain attacks, which target broad and interconnected systems, have become common in 2022 and are a good example of how these elements can come together to motivate powerful malicious actors. And when different kinds of attacks are combined for overall, far-reaching destructive goals, the consequences are truly frightening.
That’s Not It for Cyber Attacks in 2022
Of course, there were many more cyber attacks this year than I could ever note here—one occurs every 39 seconds. And the year’s not over yet. Somewhat like Covid-19 itself, cyber crime is an ongoing reality that we won’t get past but rather we need to learn to live with, using the best and smartest defenses that we have. Given the severity of attacks and the powerful motives behind them, defense is something to take seriously at every level—individual, organizational, and national.
User awareness, a Zero Trust philosophy, the right security resources for given scenarios, and coordination between security providers and leaders are all important elements in protecting ourselves from these pervasive threats.