December ended the year roughly on a par with many other months of 2022 for records breached. November saw 32 million records breached, while December came in a close second with 31.5 million. As the year drew to a close, reflections on the past year and predictions for the year ahead abounded, while updates and warnings also accelerated in the lead-up to Christmas.
2022 Cybersecurity Census
The 2022 Cybersecurity Census Report highlights that more than 50% of IT professionals have known about an attack, but kept it to themselves due to a culture of mistrust. Other findings include that:
- The financial disruption caused by these attacks is significant, at over £100,000 on average
- 32% of employers let their employees set their own passwords
- 42% of businesses see external threats as one of their top three current concerns.
Supply chain compromise becomes a top prediction for 2023
Supply chain attacks are part of an increasingly sophisticated cyber attack landscape, in which suppliers are targeted for compromise with a view to then compromising their clients. Common targets include software developers, website builders, and data storage companies. These companies hold a lot of sensitive information and have access to their clients, so a breach enables threat actors to go on to attack those clients with malware, phishing or other attacks.
The National Cyber Security Centre provides this guide on supply chain attacks
This American report highlights the scale of the problem with a large number of suppliers failing minimum standards
Google Chrome update issued
A major update for the Google Chrome browser was released to fix a zero-day vulnerability. A zero-day vulnerability is a security flaw that has been identified, but which does not yet have a security patch, leaving a system potentially vulnerable. This particular vulnerability was a “type confusion” flaw which, although not dangerous in itself, could potentially be ‘weaponised’ to enable threat actors to access memory or execute code. We recommend running updates when prompted, if this is something that you manage yourself.
French hospital suspends operations after cyber attack
A hospital in Versailles was forced to postpone operations and transfer a small number of intensive care patients, after suffering a cyber attack. It led to what a spokesperson described as a “total reorganisation of the hospital” as machines continued working but lost connection to the network, requiring additional members of staff to be brought in to monitor patients.
Hackers have a conscience… occasionally
2022 saw an acceleration of “ransomware as a service (RaaS)” provision. Effectively a malware rental system, it allows inexperienced users to carry out sophisticated attacks by renting the software to do it. This is what happened in December, when a threat actor used a RaaS service to carry out attacks, ultimately leading to the encryption of data at a children’s hospital in Canada. In an unexpected twist just in time for Christmas, the RaaS provider actually provided the decryption software to the hospital free of charge, at the same time issuing a statement saying that the threat actor had been suspended from their system for contravening their rules.
Windows 8.1 End of Life Reminder
Although it is actually happening at the beginning of January 2023, urgent reminders were issued throughout December about the looming end of life deadline. End of life software means no more security updates, and a potential network vulnerability. The cut-off date is 10 January 2023, and while it is unlikely that you have Windows 8.1 on your own network, it is still worth a check, including on employee devices.