Read on to get an overview of major 2022 cyberattacks and learn from them to harden cybersecurity postures this year.
During the festive season last year, CybersecAsia.net managed to catch up with numerous experts to gather cyber predictions and retrospectives about the eventful year.
Here are excerpts from our interview with Mark Lukie, Director of Solution Architects, Barracuda APAC.
CybersecAsia: What were the most significant cyber threats to APAC organizations in 2022?
Mark Lukie (ML): The number of high-impact breaches in the Asia Pacific region (APAC) during 2022 was eye-opening. Tens of millions of users’ personal data were stolen, including health records in the Medibank and Optus hacks, serving as a reminder that ransomware criminals will literally stop at nothing to exploit any organization, no matter the life-threatening repercussions.
We also saw a sharp increase in the number of ransomware attacks targeting businesses in the region compared to 2021, with five key industries standing out as the popular targets for ransomware hackers. Attacks on educational institutions more than doubled in 2022, with attacks on healthcare and financial institutions tripling. Our researchers also saw a 4% rise in attacks targeting municipalities, with attacks on critical infrastructure quadrupling over the same period, signaling threat actors’ intent to inflict greater damage beyond the impact on the immediate victim.
In the latest studies we also saw a rise in the severity of attacks during times when employees tended to book their vacations, including a huge 1.4m spike in attacks during January 2022, when employees were finishing their Christmas, New Year or Lunar New Year breaks.
CybersecAsia: What cybersecurity initiatives and developments, especially among governments and industry organizations in the region, have been noteworthy?
ML: In APAC we had been dealing with a serious lack of cyber labor, which continues to affect organizations’ ability to stay ahead of attackers amid rapid digitalization.
According to the 2022 ISC2 Cybersecurity Workforce Study, APAC still faces a shortage exceeding 2.16m talents, leaving businesses here more vulnerable to attack, despite having clocked the largest growth in cybersecurity workforce in 2022, compared with other regions.
This is a concern to governments across the region, and we have seen various efforts to address the issue, from governments introducing incentives or cyber scholarships to ISC2 introducing a new entry-level certification pilot program.
In 2022, we also saw governments across the region moving to defend against these increasing threats, such as Australia’s 100-strong standing operation to fight cybercrime (led by federal police and the Australian Signals Directorate) and Singapore’s inter-agency Counter Ransomware Task Force (CRTF) to counter ransomware.
CybersecAsia: How do you foresee the cyber threat landscape evolving in 2023, and what would be some major threats and risks organizations should be cautious about?
ML: In 2022, geopolitical conflicts reminded us that cyber threats have no borders. Countries and organizations that were not directly involved in political rivalry suddenly became victims of nationalistic hackers or state-sponsored attacks executed with a high level of sophistication. This threat is unlikely to decline in 2023.
Throughout 2022, the major ransomware gangs—LockBit, Conti, and Lapsus$—were behind blockbuster attacks, keeping them in the headlines. But this year, with the ransomware-as-a-service business model taking off and the recent build leak of LockBit 3.0, a new generation of smaller and smarter gangs will steal their limelight. During the year, organizations are likely to experience an increased frequency of ransomware attacks with new tactics, and those that are not prepared will make unwanted headlines.
This year, credential theft will remain a top target for attackers. We saw impersonation techniques and spear phishing attacks evolving last year, as well as attacks exploiting MFA fatigue. This will no doubt continue.
With this in mind, organizations need to remain vigilant and have teams in place that can provide 24/7 monitoring and assistance to preempt cyber incidents. Smaller businesses that lack this luxury need to outsource this critical function quickly.
CybersecAsia: How should organizations prepare to meet the cybersecurity challenges this year?
ML: Three basic protocols stand as the way to meet these cyber challenges:
- Safeguard your credentials! This data will continue to be an attractive target for cybercriminals and be one of the main reasons for many compromises and breaches. Implement anti-phishing capabilities in email servers and other collaboration tools. Your employees are always your first line of defence, so ensuring that they are continually trained and aware of potential cyber threats is crucial.
- Backups are your safety net. Have a backup and disaster recovery plan in place to avoid paying the ransom in a worst-case scenario.
- Applications and access should be at the top of your security list. Given the current threat landscape in APAC, we would recommend going beyond the usual MFA protections to implementing web application security to cover all SaaS applications and infrastructure access points. On top of this, adopting a zero trust approach to security can make a significant difference to your security posture overall, and could ensure that 2023 is a bright and secure year.
CybersecAsia thanks Mark for sharing his cyber predictions and tips for 2023.