The biggest cyber attacks of 2023
When it comes to cyber security and predicting where and how attackers might strike next, Bohr’s words likely hold true. But, by looking back at The biggest cyber attacks of 2022 and 2021’s most dangerous cyber attacks, we can at least look for patterns and trends which might foretell how criminals could attack in 2023.
Predicting the biggest cyber attacks of 2023
High profile ransomware attacks dominated the headlines in 2022. We saw firms such as Nvidia, Jackson Hospital, Meyer Corporation and the San Francisco 49ers fall victim to ransomware.
Behind the headlines, ransomware as a technique didn’t stand still. Ransomware-as-a-Service – where criminals can rent or buy tools, infrastructure and abilities – was a developing story. Security vendor Trend Micro reported there were 67 active RaaS extortion groups and over 1,200 victim organisations.
LockBit, Conti and BlackCat were responsible for a huge amount of this detected activity. Their deployment was significant but the growth in their use told an even more revealing story.
Along with the developing RaaS model used to deploy attacks, how exploitation gangs pressure victims into paying ransoms has developed in 2022.
Gangs might lock data at rest but also move, copy or exfiltrate the information to another location. There they might threaten to leak it, sell it or leave it open to examination by journalists and lawyers on the hunt for bigger stories. All this adds pressure to victims.
It is reasonable to assume that 2023 will see ransomware continue to be a main source of trouble for organisations.
Ukraine war
Russia has been attacking Ukraine’s digital infrastructure since its annexation of Crimea in 2014. These attacks increased in volume and intensity just before Russia’s 2022 invasion began on 24 February. During the war, Russia has continued to use cyber attacks as a means of damaging Ukraine’s infrastructure and further hampering its citizens.
Since the start of the war, Ukraine has also used the internet as a means of attacking its attacker. The IT Army of Ukraine was a volunteer force of cyber experts which was formed in February 2022. The group conducted offensive operations and took down targets ranging from Russia’s stock exchange and reportedly stole data from the Russian Wagner Group.
Publicly and privately, organisations and governments friendly to Ukraine have also helped the country protect its cyber infrastructure. The UK government, for example, developed an only recently revealed programme to help Ukraine protect itself against Russian cyber attacks.
