How the threat landscape may drive cyber investment in 2023 Matt Hull explores the 2022 threat landscape and considers how this will influence cyber spend and investments in 2023.
The overall decline in ransomware incidents is not to be mistaken for a halt in the persistence of such attacks, however. There was a notable surge in such incidents between February and April in particular, coinciding with the Russian invasion of Ukraine, with prominent group LockBit increasing its activity in particular. Given continued conflict and wider geopolitical turmoil, alongside the lucrative nature of such attacks, organisations need to remain vigilant against ransomware. They must actively take steps to review internal vulnerabilities and strengthen protective barriers to develop resilience against such attacks – particularly considering how cyber insurance policies are now less likely to cover the cost of ransom pay-outs in the event of attack. Looking at wider ransomware trends, North America (44%) and Europe (35%) suffered the most ransomware attacks in 2022. North America bore the brunt, with 44% of all incidents (1,106), a 24% decrease from 2021’s figures (1,447).
Our Annual Threat Monitor Report unpicks the trends and patterns in the cyber security landscape, based on our proprietary research and observations from our Managed Detection Response (MDR) and Cyber Incident Response Teams (CIRT). It equips you with the knowledge to inform your security investment and spend decisions in 2023. Each organisation’s governance and risk strategy will be unique, but one thing that remains constant is the need for threat intelligence to inform it. What has shaped the threat landscape in 2022? The ongoing conflict between Russia and Ukraine has had a major impact, with both countries deploying their full arsenal of offensive cyber capabilities. This led to an increase in disinformation, defacement, and Distributed Denial of Service (DDoS) attacks, as well as the use of destructive malware to cripple critical national infrastructure in Ukraine and other countries. We could expect a rise in DDoS attacks in 2023 as this trend continues, especially amongst growing network of connected devices. Such attacks effect the availability of systems or services, including customer portals or websites, significantly reducing the ability for an organisation to function. When conducting risk assessments of critical assets, due consideration needs to be given to ensure adequate protections are in place to mitigate the effects an attack may have on operations. Companies could run attack simulations as a regular practice, testing the implementation of protective processes provide the necessary protection in the event of such an attack. We have already seen in 2023 targeted attacks against healthcare and government institutes that operate in countries that support Ukraine. These attacks are being carried out by the pro-Russian hacktivist group, Killnet. There was a 5% decline in ransomware incidents in 2022 as compared to 2021. There are many possible reasons for this decline include the conflict in Ukraine, but also in part, to a strengthened response to such threats from law enforcement agencies and governments around the world, which resulted in the arrests of key members of cyber-criminal groups and intelligence operatives.
North America ( 44% ) and Europe ( 35% ) suffered the most ransomware attacks in 2022
Percentage of Victims by Region for Hack & Leak Victims (2022)
Matt Hull Global Head of Threat Intelligence
35%
44%
Europe Asia South America Oceania Africa North America
5% decline in ransomware incidents in 2022
11%
5%
2% 3%
Made with FlippingBook Online newsletter maker