Computing’s biggest security stories of 2022
Here’s our roundup of the security stories that shaped the cyber year in what was another rollercoaster ride for infosec professionals.
Last year ended with a sting in its tail, with the Log4j vulnerability Log4Shell emerging just as security folks felt it might be safe to start shutting down for the holidays. There have been reports of the vulnerability being exploited by state-sponsored actors, including an attack on Belgium’s defense ministry, but it’s probably fair to say the damage – as far as we know – was not as bad as feared.
Before Log4Shell, the biggest priority for many was defending against ransomware, and 2022 continued as 2021 ended, with an attack on school website provider FinalSite resulting in a prolonged loss of access to many online services in thousands of schools and colleges across the world.
North Korea’s veteran hacking organization Lazarus began the year purportedly continuing to use Windows Update and GitHub to deploy malware as part of a new spear phishing campaign targeting US defense contractor Lockheed-Martin.
February was marked – and marred in so many ways – by Russia’s invasion of Ukraine. Before the tanks started rolling in, and after, Ukrainian institutions suffered a spate of DDoS and wiper ransomware attacks, but the country, which has beefed up its defenses since the annexation of Crimea in 2014, has proven surprisingly resilient.
And it wasn’t just one-way traffic. Some Russian websites were down and TV broadcasts were interrupted as Ukraine asked hacking groups for help, something the British government advises against for fear of unpredictable effects. Cyberattacks and counterattacks related to the war dominated the news cycle throughout the rest of the year, but Russia’s much-feared skills in alternative warfare were mostly limited to disinformation.
The UK Foreign, Commonwealth & Development Office (FCDO) has been in the news after a public tender document was posted on the government’s website asking for ‘urgent business support’ following a ‘serious cyber security incident’. What that incident was and when it occurred was not made clear.
In presumably unrelated news, the Foreign Office’s outdated IT systems were said by insiders to be causing “chaos”, hampering the government’s ability to respond to the Ukraine war.
If the Oxford Dictionary published a cyber word of the year, Lapsus$ would surely have a shout. The prolific yet seemingly straw hackers got the better of Okta, Nvidia, Microsoft and other household names before one of their number was traced. The ‘mastermind’ behind some of the attacks has been revealed as a 16-year-old boy who lives just a stone’s throw from the dreaming spires.
As TalkTalk and countless others have found out over the years, you underestimate teenagers at your peril, especially when prestige and money are involved. The Lapsus$ mastermind is now in custody, while former TalkTalk CEO Dido Harding has moved on to bigger, at least more lucrative, things.
“Let’s go places” is a favorite Toyota slogan, but in March the Japanese car giant was going nowhere fast thanks to an attack on air conditioning and steering wheel component supplier Kojima Industries, one of many supply chain attacks this year. It halted Toyota’s car production in Japan for several days and the shutdown of its production lines pushed back its schedule by about 13,000 cars, on top of an existing slowdown caused by the global chip shortage.
And one of the biggest cyberattacks of the war so far hit Ukraine’s state-owned telecommunications company Ukrtelecom at the end of the month, leading to the country’s worst internet disruption since Russia invaded in late February.
Despite some technicians taking up arms and others being forced to move to safer places, the country’s IT sector remains very much open for business, said Konstantin Vasyuk, head of the IT Ukraine Association. The sector remains very resilient, he insisted, with the country’s turbulent history forcing it to be adaptable.