Computing’s biggest security stories of 2022

/in


Here’s our round-up of the security stories that have shaped the cyber year in what has been yet another rollercoaster ride for infosec professionals.

January

Last year ended with a sting in its tail, with the Log4J vulnerability Log4Shell emerging just as security folks felt it might be safe to start winding down for the holidays. There have been reports of the vulnerability being exploited by state sponsored actors, including an attack on Belgium’s Defence ministry, but it’s probably fair to say the damage – so far as we know – hasn’t been as bad as feared.

Prior to Log4Shell, the major priority for many was defending against ransomware, and 2022 continued as 2021 left off with an attack on schools website provider FinalSite leading to a lengthy loss of access to many online services in thousands of schools and colleges around the world.

North Korea’s veteran hacking organisation Lazarus started the year as it meant to go on using Windows Update and GitHub to deploy malware as part of a new spear-phishing campaign aimed at US defence contractor Lockheed-Martin.

February

February was marked – and  marred in so many ways – by Russia’s invasion of Ukraine. Before the tanks started rolling in, and afterwards too, Ukrainian institutions suffered a wave of DDoS and wiper ransomware attacks, but the county, which has been bolstering its defences since the anexation of Crimea in 2014, proved surprisingly resilient.

And it was not just one way traffic. Some Russian websites down and TV broadcasts were interrupted as Ukraine asked hacking groups for help, something advised against by the UK government for fear of unpredictable knock-on effects. Cyber attacks and counter attacks related to the war punctuated the news cycle throughout the rest of the year, but Russia’s much feared skills in alternative warfare seemed mostly confined to disinformation.

The UK Foreign, Commonwealth & Development Office (FCDO) was in the news after a public tender document was posted on the government’s website asking for ‘urgent business support’ following a ‘serious cyber security incident‘. What that incident was and when it occurred was not made clear.

In presumably unrelated news, the Foreign Office’s…

Source…