:quality(75)/cloudfront-us-east-1.images.arcpublishing.com/elcomercio/GE4DEMRNGEYS2MRTKQYDAORRHA.jpg)
Three cyber attacks “specifically targeting Ukraine as a direct consequence of the Russian invasion” and another against Costa Rica top the list of the ten largest such attacks worldwide this year.
Cyber-attacks with ransomware, the million-dollar robbery of Axie Infinity and attacks on companies like Uber or Microsoft are among the most important, either due to the damage caused, the level of sophistication or the geopolitical repercussions, prepared by the cybersecurity company Eset.
SIGHT: Christmas shopping: How to protect your bank accounts from cybercriminals?
1. Ukraine under (cyber)attack, occupies the top of the ranking, since the critical infrastructure of that country has been seen, once again, in the crosshairs of cybercriminals.
Early in the Russian invasion, Eset researchers worked with the Computer Emergency Response Team of Ukraine (CERT-UA) to solve a targeted attack on the country’s power grid involving destructive malware (malicious code) that the group Sandworm had attempted to deploy against high voltage electrical substations.
2. HermeticWiper and IsaacWiper: Last February, HermeticWiper malware was detected on hundreds of devices from various organizations in Ukraine. The next day, a second destructive data wipe attack began against a Ukrainian government network, this time with the IsaacWiper malware.
SIGHT: Cybercriminals use Google Ads to promote cloned software websites
3. Internet out of service in Ukraine: just an hour before the invasion, a major cyberattack against the commercial satellite internet company, Viasat, disrupted broadband service for thousands of people in the country and even in other parts of Europe.
Four. With you in Costa Rica: “One of the main actors in underground cybercrimea” this year it was the ransomware-as-a-service (RaaS) group Conti and one of their raids “more dangerous” was against Costa Rica, where a national emergency was declared after the government described a crippling attack as an act of “cyberterrorism”.
Since then, the group has disappeared, “although it is likely” that its members have dedicated themselves to other projects or changed brands, adds Eset.
SIGHT: Don’t accept all permissions when downloading an app! Some could put your device at risk
5. Different ransomware targeting the United States: an alert in September stated that “different cybercriminals linked to the Iranian regime” had managed to compromise a US municipal government and an aerospace company, among other targets for ransomware campaigns (to demand a ransom for the infected computer), which “it is not very usual” in state-backed entities.
6. The millionaire robbed Axie Infinity, an online video game from Sky Marvis. In March, it emerged that cybercriminals had managed to use stolen private keys to fake $618 million worth of withdrawals, the largest in cryptocurrency history, which has been linked to the North Korean Lazarus group.
7. Slips$ entered the scene in 2022 as an extortion group that used high-profile data thefts to force payment from its victims, including Microsoft, Samsung, Nvidia, Ubisoft, Okta and Vodafone.
SIGHT: Used by Meta, Apple and Google: What is end-to-end encryption and how does it work? Is it really that safe?
8. The International Red Cross (ICRC) suffered in January “a major leak” that endangered the personal data of more than 500,000 victims “very vulnerable”. Stolen from a Swiss contractor, they included details of people separated from their families due to conflict, migration and disaster; disappeared and their families, and detainees.
9. attack on uber: In September it was reported that a cybercriminal, possibly a member of Lapsus$, had compromised cloud email systems and code repositories. The target was a third-party contractor for Uber, who “probably” obtained his corporate password on the dark web.
SIGHT: Artificial Intelligence challenges lawmakers trying to regulate it
10. Attack on Medibank: a ransomware managed to access the data of the four million clients of the Australian health insurance giant, in an attack that “may end up costing the company about $35 million”. Those affected now face a potential barrage of phishing attempts.
Source: Elcomercio
I have worked in the news industry for over 10 years. I have a vast amount of experience in writing and reporting. I have also worked as an author for a number of years, writing about technology and other topics.
I am a highly skilled and experienced journalist, with a keen eye for detail. I am also an excellent communicator, with superb writing skills. I am passionate about technology and its impact on our world. I am also very interested in current affairs and the latest news stories.
I am a hardworking and dedicated professional, who always strives to produce the best possible work. I am also a team player, who is always willing to help out others.
