As we wind down the end of the year, we look back at how cybersecurity changed in 2022. The war in Ukraine and the use of cyber warfare defined much of the cybersecurity landscape this year. Research shows cyber-attacks increased by 16% since the beginning of the war in February. The increased concern about US cyberattacks prompted multiple new rules and cybersecurity legislation. We saw new rules around cyberattack reporting, first for critical infrastructure and then for public companies. Congress focused on energy cybersecurity, and the CISA issued a toolkit for election security.
Healthcare continues to be the top industry targeted by cyberattacks. The healthcare sector was hit hard during the pandemic when professionals were overworked and could easily click something they shouldn’t in an email. The industry continues to be the top target because of the number of small companies with differing cybersecurity knowledge and investment operating in the sector. Additionally, the data healthcare providers store is the most personal and sensitive, so criminals are more likely to be paid if they threaten to sell the data they steal.
In 2022 we also saw ransomware and phishing continue to evolve. Clone phishing is a new type of phishing we learned about this year that uses a copy of an email from a reputable company to trick users into clicking a link or attachment. Vishing is an old technique that came back this year because of the success of spam filtering from mobile carriers. Criminals target businesses with voice phishing calls because they know companies will answer the phone. Consumers are less likely to answer spam-flagged calls, so the attack vector had to pivot.
Ransomware as a Service (RaaS) and Phishing as a Service (PhaaS) also became much more sophisticated this year. Criminals developed professional hacking toolkits with 24/7 support, user reviews, and forums modeled after high-end Software as a Service (SaaS) tools. Some hacking tools boasted they could get around MFA and were competitively priced for anyone looking to do damage to a business.
Quanexus IT Support Services for Dayton and Cincinnati
Request your free network assessment today. There is no hassle, or obligation.
If you would like more information, contact us here or call 937.885.7272.
Follow us on Facebook, Twitter and LinkedIn and stay up to date on by subscribing to our email list.