2022 was a busy year for cybersecurity, with the threat environment expanding on all sides. Cybercriminals were working hard to steal your money and identity — but cybersecurity experts were working harder to keep businesses and consumers protected and informed.
In the last year, we tracked and reported on the online scam epidemic plaguing Americans. There was also a large number of data breaches throughout the year, particularly in its final months, and ransomware attacks were on the rise. This comes in the context of a wider chaos that has descended on multiple online platforms in recent months, with huge losses, a proliferation of scams, and debates raging over two bills designed to safeguard our children online. As 2023 gets underway, we thought it a good opportunity to look back at 2022.
The year started with a large ransomware attack against the luxury fashion house, Moncler, in January. February came along and brought reports of a dangerous new bug called Samba. In March, we witnessed the growing phenomenon of hackers targeting Microsoft Teams, which many had previously assumed was completely secure. Later in the year came the Android banking malware, Octo, as well as the Microsoft zero-day vulnerability, “Follina”. With increasing reports of ransomware attacks throughout the year, we put together a piece on all things ransomware in September.
Samsung suffered two data breaches last year alone — the first came in March followed by another in September. The popular mobile payment app, Cash App, suffered a data breach in April that affected 8.2 million customers. 2022 wasn’t a great year for crypto, and to make matters worse OpenSea was hit by an email data breach in July. While in November alone, 500 million WhatsApp users and 5.4 million Twitter users had their data compromised in two huge leaks. In the case of Twitter, the situation only worsened as it was discovered that 200 million Twitter usernames and email addresses were up for sale on the dark web.
At the start of the year, the risk of scams within the crypto community was becoming apparent, with reports of fake MetaMask security emails, while in February, $2 million worth of NFTs had been stolen from OpenSea accounts. On March 1st we reported on the growing threat of social security scams.
In the spring, the Russia-Ukraine War had begun and we saw the horrendous case of fake Ukraine charity scams, while in June, along came a flood of Amazon Prime Day scams. With summer vacations on the way, numerous travel scams started making the rounds, such as fake Sundara Inn and Booking.com websites. Last summer also saw a proliferation of the classic “you just sent a payment” scam.
In September, President Biden’s student loan forgiveness program was everywhere in the news — as were the scammers seeking to make a profit from the coverage. Finally, as the year drew to a close, we discovered an explosion of scams relating to Twitter’s new verification policy, the Midterm elections and festive shopping scams.
2022 was a tumultuous year for cybersecurity, but by being in the know we can work together to create a safer environment for all concerned. Often, it’s the big companies that hit the headlines when it comes to cybersecurity, but small businesses are arguably at even greater risk. It is therefore important to educate and inform — ultimately, prevention beats the cure.
Trend Micro, a global cybersecurity leader, helps make the world safe for exchanging digital information. Fueled by decades of security expertise, global threat research, and continuous innovation, our cybersecurity platform protects 500,000+ organizations and 250+ million individuals across clouds, networks, devices, and endpoints. Trend Micro Initiative for Education
Copyright © 2023 SCORE Association, SCORE.org
Funded, in part, through a Cooperative Agreement with the U.S. Small Business Administration. All opinions, and/or recommendations expressed herein are those of the author(s) and do not necessarily reflect the views of the SBA.
Translate