5 Notable Cybersecurity Articles in 2022: Year in Review

Cyber experts had their hands full in 2022, as many cybersecurity articles show. With 79% of organizations reporting having to deal with a ransomware attack and more phishing attempts sent to unsuspecting users than ever before, both individuals and organizations found themselves vulnerable to attack.  

In this blog we bring you an overview of five prominent cybersecurity stories covered in articles from different media outlets. Although the cyber press often reports on attacks affecting enterprises, small and midsize businesses are often the target of such attacks by bad actors.  

If you’d first like to learn more about the broader cybersecurity trends affecting businesses, download The State of Cybersecurity for Small Businesses. Get access to current cybersecurity trends and recommendations.  

Let’s jump right into these salient cybersecurity articles in 2022. 

1. Cybercrime Gang Conti Attacks Costa Rican Government 

Conti's Attack Against Costa Rica Sparks a New Ransomware Era – Wired 

Costa Rica declared a national emergency in the spring of 2022 after the Conti cybercrime group deployed a successful ransomware attack on its critical infrastructure, demanding millions of dollars in ransom. 

Conti disrupted the Finance Ministry and the Ministry of Labor and Social Security, forcing critical operations across the country to go offline. Their attack also affected the healthcare sector, delaying tens of thousands of patient appointments. 

Costa Rican officials declared a state of national emergency and classified the incidents as acts of war and terrorism. Associated costs were estimated to be $30 million per day. The newly instated president, Rodrigo Chaves, continued to refuse to pay the ransom and declared that the country was “at war [with the Conti cyber gang].” 

  The country eventually requested help from Microsoft, the United States, and other countries to deal with the crisis. The US offered a bounty to anyone who would help them locate or identify Conti members and Spain sent over its own ransomware protection software. 

Related Blog: Notable Recent Data Breaches in 2022 

2. Cybercriminals Target the Healthcare Sector 

Some cybercriminals specialize in targeting healthcare organizations for the valuable data they possess. In fact, healthcare records cost ten times more than a credit card number in the hacker exchanges where this data is sold, according to Don Jackson, a threat intelligence expert. 

Baptist Medical Center Notifies Patients of Data Breach - San Antonio Express News 

The Baptist Health System of Texas announced a major breach in April of 2022. The breach exposed patients’ full names, dates of birth, Social Security numbers, medical and billing information, and more. 

A Hacked Kaiser Permanente Employee’s Emails Led to Breach of 70,000 Patient Records - TechCrunch 

Kaiser Permanente, the largest nonprofit health plan provider in the US, was breached and lost almost 70,000 patient records. Malicious actors hacked into an employee’s emails, which led officials to suspect the attack began with a fishing campaign. 

Shields Health Care Group Data Breach Affects 2 Million Patients – Bleeping Computer 

A successful cyberattack on Shields Health Care Group of Massachusetts caused a data breach, exposing the protected health information (PHI) of about two million individuals.  

Healthcare services are often forced to suspend operations after a data breach, which gives cybercriminals another reason to demand a higher ransom. 

Related Blog: What are the Consequences of a HIPAA Violation? 

3. Russia Backs Cyberattacks Against Ukraine  

Russia’s Information War Is Being Waged on Social Media Platforms – Scientific American  Another prominent event covered in cybersecurity articles in 2022 were the cyberattacks deployed on Ukraine by Russia. 

Russia-backed media outlets are responsible for years of digital misinformation spreading and cyberattacks against Ukraine. 

Russian cyberattacks increased in 2022, putting cybersecurity professionals throughout the world on high alert. The attacks targeted Ukraine’s energy and media agencies, financial industries, and government networks.  

The Ukraine and its hacktivists also launched digital counterattacks through DDoS (denial-of-service), malware, and system exploitation attacks. None of the attacks against the Ukraine were as devastating or widespread as initially feared and no global-scale incidents were observed.  

However, with the ongoing war, the biggest risks to Ukraine would be leaked or breached sensitive data, such as the geolocation of its leaders or armed forces, or military and political information. 

4. Cyber Insurance Rates Skyrocketed 

Rising Premiums, More Restricted Cyber Insurance Coverage Poses Big Risk for Companies - CNBC 

Cyber insurance premiums went up 28% on average during the first quarter of 2022 compared to 2021’s last quarter. Numerous cybersecurity incidents, particularly ransomware, drove up costs and requirements for cyber insurance.  

In addition to more expensive premiums, cyber insurance providers are requiring more thorough and effective controls, system checks, and monitoring capabilities to mitigate the risk of cyber threats. Insurers now typically require organizations to implement comprehensive security programs that include MFA (multi-factor authentication) and security training.  

Some organizations find it challenging to get affordable cyber insurance. This prompted the US Treasury Department to ask the public whether the US government should financially support providers in order to make cyber insurance more affordable for businesses. 

Related Blog: What Is the Average Total Cost of a Data Breach?

5. Google Endures and Blocks a Massive DDoS Attack 

Google Blocks ‘Largest Ever’ Web DDoS Attack – Cyber Security Hub 

Bad actors deployed [a denial-of-service (DDoS) attack on a Google Cloud Armor user in June of 2022. In fact, this attack is the largest DDoS attack ever recorded, hitting 46 million requests per second, and originating from over 5000 IPs in over 130 countries. 

A DDoS attack uses bots in IoT devices to congest traffic leading to a server, so that normal traffic is slowed down or interrupted.  

“[It was] like receiving all the daily requests to Wikipedia (one of the top 10 trafficked websites in the world) in just 10 seconds,” Google mentioned in a blog post discussing the attack. 

Since one of Google’s Cloud Armor solutions can detect a DDoS attack early before it causes incremental damage, the user was able to use the solution to block traffic from suspicious sources while allowing legitimate traffic to continue.  

This reinforces the recommendation of cybersecurity professionals everywhere to install defensive and preventative technologies to mitigate the damage from cyberattacks. 

Bottom Line 

These 2022 cybersecurity articles highlight the need for organizations to create a cybersecurity program to stay shielded from current and future threats.  

Higher ransom payments, the increase in cyberattacks, and the unfilled cybersecurity gaps means that organizations will have a greater challenge in improving their cybersecurity standing.  

While malicious actors continue to develop new and more intense attacks, cybersecurity experts such as the ones at DOT Security will also work to protect businesses of all sizes against these threats. 

Take a deeper dive into the cybersecurity trends of 2022 and beyond with The State of Cybersecurity for Small Businesses. Download it now to gain access to statistics, effects on leadership, trends, recommendations and more!