What were the top ransomware attacks in 2022
Ransomware attacks are a threat to your organization's security. The attack aims to break into the organization's operating system and steal the sensitive data to demand a ransom if you want to recover it.
In most cases, ransomware infection occurs through malicious software, for example, malware.
Because of the ransom demanded for organizations, this type of attack becomes advantageous for cybercriminals.
During 2022, there was an increase in the recording of attempted ransomware attacks on organizations worldwide, according to SonicWall's Cyber Threat Report.
The report also pointed out the countries that suffer the most from attempted attacks, the United States appears in first place in the ranking, the United Kingdom and Spain respectively in second and third place. Brazil occupies the fourth position.
But why not take a look back at the main ransomware attacks of 2022 and evaluate how the first quarter of 2023 went?
In addition, we will show you some tips so that your organization does not get into the attack statistics.
Continue with us and find out more about ransomware attacks.
How were ransomware attacks in 2022?
Research conducted by Trend pointed out that ransomware attacks have become more sophisticated and therefore more dangerous. There were 15.7 million incidents recorded in 2022, resulting in a 12% increase compared to 2021.
With this, we see that criminals are intensifying and improving their techniques to carry out assertive and successful attacks.
Hacker groups are focused on carrying out attacks on organizations around the world in order to steal sensitive data and hold companies to ransom. In this way, they benefit from cyber attacks.
In 2022, 71% of organizations worldwide were affected by ransomware, according to a study by Statista. As many as 62.9% of the companies that fell victim to this type of attack paid the ransom to the criminals.
The study also indicated that 54% of organizations surveyed indicated that phishing scams were the most common cause of ransomware infections.
According to Bob VanKirk, president and CEO of SonicWall, the past year has helped reinforce the thought that all organizations, regardless of what area they operate in, have a need for information security in the security framework.
Criminals target all organizations, from education to finance. We can see this, in the survey conducted by Dragos, ransomware attacks against industrial organizations increased by 87% in 2022 over the previous year.
Also in the survey, most malicious software was targeted at the manufacturing sector, areas composed of manual labor.
The report showed that hackers targeted mining industries in Australia and New Zealand. It also extended to renewable energy organizations in the United States and the European Union.
What were the main attacks in 2022?
Among many cases that occurred in the year 2022, we can mention a few that occurred, such as the attack on the Costa Rican government carried out by the Conti Group.
The group attacked 30 public agencies, stealing sensitive information and demanding a ransom of $10 million for the data. However, the government refused to take it, and the hackers posted 50% of the sensitive data on the Internet.
Another attack happened against a computer parts manufacturer. The group that took ownership of the attack was Lapsus and they demanded a ransom of $1 million plus a percentage fee.
The group managed to steal more than 1TB of confidential data, including the organization's source code, customer data, and employee information.
Some brand data was shared in the digital world by the group, but it has not been disclosed whether the required ransom was paid.
In addition to these cases, a hospital in the United States that specializes in children was attacked by the hacker group Lockbit. Resulting in problems in the hospital's internal and corporate systems. In addition, telephone lines and the website itself were also down for a few days.
The attack ended up delaying lab images and results, increasing the waiting time for patients. After another ten days, the hospital announced that it had recovered 50% of the operational systems.
Soon after, the group apologized for the incident, removing the hacker who carried out the attack from the group's activities.
However, the year 2023 has already begun and hacker groups continue to commit attacks against organizations and public bodies.
Ransomware attack in the first quarter of 2023
Hacker groups are focusing their efforts to apply ransomware attacks on schools in Brazil.
According to Caio Sposito, Arcserve's Brazil country manager, schools' security resources are limited, making them more vulnerable to cyberattacks, which favors cybercriminals.
In this way, successful attacks on the education system can decrease and make it more difficult for criminals to access the operating system.
In the first quarter of 2023, ransomware attacks have already occurred, for example, there was an attack on a University Hospital in São Paulo, leading to the temporary interruption of work at the unit, which started to provide urgency and emergency services only.
During the stoppage, paper forms were used to attend to people. Even with the difficulties that last for weeks, the institution is informed that it will not pay the ransom to the criminals.
In this case, the amount of the ransom was not disclosed. But the organization
admits that it negotiated with the hackers and the negotiation did not move forward because the group realized the restoration of the brand's operating systems.
What are possible measures to protect yourself from attacks?
To decrease the chances of a ransomware attack occurring in your organization, there are a few possible avenues, such as controlling access to your organization's data.
When organization leaders can manage and control who has access to information, it can reduce the risk of insider threats or data leakage.
In this way, the zero-trust policy becomes fundamental to ensure data security and privacy within the corporate environment.
Another way is to back up data. In case your organization's operating system is compromised, you may be able to recover it. The storage of this information needs to be in a secure place with access controls.
A ransomware attack is usually linked to another cyber attack, such as a phishing attack. Therefore, secondary threats can lead to ransomware.
Because of this, organizations need to protect themselves from all cyber risks. One way to do this is to make people aware of the cyber threats that exist in the digital world.
Making people aware is one way to strengthen the second within the corporate environment.
The first step to data security is people awareness
The PhishX ecosystem can help you and assist in the process of making people in your organization aware, raising their maturity about the importance of digital security.
In PhishX you can develop customized phishing drills and campaigns, generate comprehensive reports on each person's individual process, allowing leaders to track the performance of their subordinates.
In addition, you can assess the risks your organization faces in the digital universe and our customer success team will provide all the necessary support to your team.
To take the first step, download our how to create an awareness program now. This guide will help you increase security, assist in the process, and help you implement awareness within your organization.