Findings from Tokio Marine HCC International’s (TMHCCI) latest annual Cyber Incidents Report, shows that in 2022, global cybercrime stakes were raised significantly with entire governments, as well as individual businesses falling victim to regular and often devastating attacks.
Topping the list in the reports top ten cyber incidents of 2022 was Russia’s use of cyber warfare in Ukraine to supplement its traditional war machine.
TMHCCI noted that several attacks were documented before the invasion with most of the Ukraine government’s websites, banks and radio stations coming under massive DDoS attacks.
However, the Ukrainian government was not the only state to come under attack in 2022, suggesting a new front is opening up in the ongoing cyber war.
The report adds that almost 30 of Costa Rica’s government institutions came under attack in April, taking tax, import and export operations offline for several days.
The Russian hackers that were responsible for the attack demanded a $10 million ransom, while the Costa Rican government lost approximately $30 million for every day its systems were down.
Additionally, in Europe, the Finnish government came under attack when Russian hackers directed a DDoS attack against the Finnish Parliament’s external websites.
TMHCCI stated that despite this activity against government organizations, business, both retail and B2B, remain the most attractive target for most threat actors.
This was clearly demonstrated by leading global brands such as Revolut, clothing brand SHEIN, Twitter and UK bank TSB, all witnessing huge reputational/financial costs following cyberattacks that took place throughout 2022.
However, another major concern looms over the vulnerability of many of the world’s leading IT providers. In late September 2022, two new Microsoft Exchange vulnerabilities were discovered and disclosed publicly. TMHCCI stated that the nature of the vulnerabilities means that they pose a systemic risk of incalculable consequences to a range of organisations.
Isaac Guasch, Cyber Security Leader at TMHCCI and author of the report said: “Cyber incidents aren’t just increasing in volume and cost. They are becoming larger, more sophisticated, coordinated and damaging, and governments are very much in the cyber criminal’s crosshairs. “Increasingly, hackers are testing unprepared governments in the pursuit of a ransom or to score political points.”
Furthermore, the report also highlighted how the development AI threatens to arm criminals with even more sophisticated weapons.
Hackers could potentially access the systems that are used to train and operate the AI, which will allow them to manipulate the algorithms and exploit or disrupt the system.
TMHCCI also warned that hackers could also use AI to automate their cyberattacks, therefore making them much harder to defend against.
“As criminals evolve, adapt their approaches, and acquire new weaponry, so too are the defences against them adapted. At Tokio Marine HCC International, we are constantly discovering new threats and developing new defences against them,” said Guasch.