It's hard to believe that 2022 is almost over. This year, we saw a number of high-profile cyberattacks and data breaches that left companies and individuals around the world reeling. Let's review some of the biggest cybersecurity events of the year.
Data of half a million vulnerable individuals exposed in Red Cross breach
In January, the International Committee of the Red Cross (ICRC) learned that they suffered a data breach after their third-party data storage contractor was attacked by cybercriminals.
The cybercriminals stole the confidential data of about 515,000 people, many of whom are victims of war. To prevent the stolen data from being misused, the ICRC made an appeal to speak "directly and confidentially" to the cybercriminals.
820K students affected by the New York City (NYC) Department of Education data breach
Illuminate Education, a company that provides grades and attendance tracking software, fell victim to a cyberattack that resulted in a data breach affecting 820,000 NYC public school students. The exposed data included students’ names, birthdays, gender, ethnicity, socioeconomic status, and some academic records.
Months after the incident, the NYC Department of Education confirmed that NYC schools have stopped using all Illuminate Education products.
Fake job offers led to hack of Axie Infinity's blockchain
Using LinkedIn, cybercriminals offered fake job opportunities to employees of Axie Infinity developer Sky Mavis. The victims went through a series of interviews before receiving what seemed to be a dream job offer from a company that didn't actually exist.
When a senior engineer unwittingly clicked on a PDF supposedly containing the official job offer, hackers took control of his computer and then other devices used to validate transactions on Sky Mavis’ Ronin blockchain. They stole Ethereum and USD Coin tokens totaling around $625 million. Sky Mavis had to raise funds to reimburse the affected users.
Ex-employee sought revenge via Cash App data breach
In April, a disgruntled former employee accessed payment tool Cash App's servers without permission and stole data, such as the full names, brokerage account numbers, and stock trading activity, of over eight million US users. The company assured that aside from names, no personally identifiable data like addresses and payment card information were exposed.
Google blocked the largest DDoS attack to date
In August, One Google Cloud Armor customer was hit with a series of DDoS attacks. With up to 46 million requests per second (RPS), this is the largest Layer 7 DDoS attack ever recorded — nearly 80% larger than the 26 million RPS that Cloudfare dealt with in June.
The DDoS attack against Google was a 69-minute assault that originated from 5,256 IP addresses in 132 different countries.
With up to 46 million requests per second (RPS), the DDoS attack on Google is the largest Layer 7 DDoS attack ever recorded — nearly 80% larger than the 26 million RPS that Cloudfare dealt with in June.
Attack on personal Google account resulted in Cisco network breach
On August 10, the Yanluowang ransomware group announced a successful attack on Cisco and said they would release the victim’s files. Two hours after this announcement, Cisco reported that the cybercriminals managed to hack the personal Google account of a Cisco employee. From there, they used the Chrome browser passwords synced to that account to log into Cisco’s network.
The cybercriminals were then able to remotely access Cisco’s systems through a virtual private network. This allowed them to raise administrative privileges and eventually drop various tools that let them collect credentials, move within the network, and perform other malicious activities.
Although the attack was sophisticated, Cisco denies that the threat actors had access to any of its classified documents or source codes.
Download our FREE eBook: 3 Types of cybersecurity solutions your business must have
Ransomware attack on AirAsia compromised data of five million individuals
The Daixin Team successfully launched a ransomware attack on AirAsia, which gave them access to the personal data, such as names and birthdates, of five million employees and passengers. The cybercriminals stated that once they receive the ransom, they would provide the decryption key, delete all data that they stole, and disclose to AirAsia the vulnerabilities they exploited.
There is no confirmed news yet regarding a ransom payment being made, but AirAsia announced that "the cyberattack was on redundant systems and did not affect our critical systems."
Keep your company protected from these and similar cyberattacks in 2023 by partnering with Safebit . We've designed a five-layer approach to effectively secure businesses from all types of cyberthreats. Get in touch with us today.
