2022 was a tough year in terms of cybersecurity. The number of ransomware attacks increased by 82% and at least 2,400 companies were targeted. Small companies as well as giants such as Twitter and Uber have been affected.
According to the report by Cyberthint, ransomware mostly affected the service sector with 32%, followed by manufacturing with 12%.
Last year also showed the emergence of new APTs. Spring4Shell, SAP ICMAD, ProxyNotShell, and Log4Shell are among the most exploited vulnerabilities.
The hacker’s prime target was credit card data, with almost 30 million cards being stolen. Theft logs are also large at around 3 million; the list continues with web shells, SMTP hacks, and RDP hacks with much smaller volumes.
The report also includes predictions for 2023. The most notable include possible nation/state cyber attacks, increased ransomware attacks, deep fake scams, cyber threats affecting mobile devices, and more.
To protect against cyber-attacks, we recommend adhering to general tips on personal and corporate cyber-security. Keep up-to-date with the versions of the software you use and install security updates. Given the rise of phishing and social engineering attacks, pay more attention when receiving emails, especially if the sender is not a trusted person. Inform employees about new phishing schemes, tactics and techniques.
Increase the security of web resources at the company perimeter with advanced security measures, such as Web Application Firewalls (WAF). To prevent malware from infecting your device, we recommend using sandboxes that analyze the behaviour of files in a virtual environment and detect malicious activity.