Cyber Attacks that Shocked the World in 2022
Cyber attacks that shocked the world in 2022
We can go on and on, speaking about the technological advancements that took center stage in 2022.
Yes, we may highlight Tesla's entire electrical vehicles' commercialization and the fact that Africa built a functional humanoid Omeife.
Remembering the glories of digital marketing, the impending invasion of the metaverse, and the acquisition of the great Twitter by the lunatic himself, his lordship Elon Musk.
Beyond the happiness and wild thrill of technological achievements, there is a secret route, the dark side of it all, and we will discuss in detail the many Cyber attacks that shocked the world in 2022. When I Say shocked, I mean these cyber attacks rocked the world in 2022
Related:Ten digital skills in high demand for tech companies in 2023
What are the Cyber Attacks that Shocked the world in 2022
Twitter Related Attack
As much as you are an ardent fan of Twitter, you are unaware of a cyber incident that affected Twitter Users’ data in 2022. Let me tell you about it.
Following Elon Musk's takeover of Twitter earlier this year, the firm has been in disarray for months. Among the upheaval, claims in July and November of a cache of 5.4 million Twitter users' data that had been circulated on criminal forums since at least July, if not earlier, emerged.
The information was obtained by exploiting a flaw in a Twitter application programming interface, or API, which was patched in January.
The collection contains many public data, such as names, Twitter IDs, tweet locations, and verified status.
However, this does not mean such a breach is insignificant because data collection in one location remains important to attackers and identity thieves.
However, the stolen material contains nonpublic information such as email addresses and phone numbers. Meanwhile, other researchers discovered proof of an even more extensive collection of 17 million records using the same API issue.
That material, however, has yet to be made public and has not been thoroughly examined.
With Musk making significant modifications to Twitter, emergent competitors such as Mastodon saw massive influxes of new signups, overwhelming servers and causing interruptions as the embryonic social networks tried to expand and meet demand. Hive Social, a competitor, experienced much more severe issues.
After researchers identified security flaws that exposed all data held in user accounts at the end of November, the firm chose to shut down while dealing with the aftermath.
Uber and Rockstar Hack
One of the cyber attacks that shocked the world in 2022 was the data breach of both Uber and Rockstar.
Between September 15 and 19, 2022, a hacker allegedly targeted both Uber and Rockstar Games.
Uber's internal computers were accessed on September 15 after a contractor's laptop was attacked with malware, and their login information was sold on the dark web.
The hacker gained access to numerous additional staff accounts, granting them access to various internal tools.
The hacker then sent a message to a company-wide Slack channel and changed Uber's Open DNS to show a graphic picture to employees on select internal websites.
On September 19, 2023, a hack into Rockstar Games, developer of the Grand Theft Auto (GTA) game franchise, was uncovered.
"Here are 90 footage/clips from GTA 6," teapotuberhacker wrote on the Grand Theft Auto game series fan site GTAForums. It's probable that I'll release additional material soon, including GTA 5 and 6 source code and assets, as well as a GTA 6 testing build."
The hacker stated in the post's comments that they "downloaded [the gameplay footage] through Slack" via breaking into the game's communication channel.
Rockstar Games said on Twitter, claiming that the firm had had a "network breach" that allowed an unauthorized third party to "illegally access and copy proprietary material from [its] servers," including the leaked GTA 6 footage.
Vanuatu Cyber Hack
You have not heard of Vanuatu; now let me tell you about it and why I choose to include it in my list of cyber attacks that shocked the world in 2022.
An island nation in the Pacific called Vanuatu was subjected to a cyberattack at the beginning of November that essentially brought down all the government's digital networks.
Emergency systems, medical records databases, car registration databases, driver's license databases, and tax systems were all unavailable, forcing agencies to switch to paper-based processes.
There are slightly over 315,000 people living in the nation, which comprises a cluster of islands to the north of New Zealand.
A month after the initial assault, government authorities reported that systems were only 70% recovered, implying that interruptions continue even as certain agencies begin to return to normal operations.
The issue appears to be a ransomware assault, but the government has not revealed any information regarding the intrusion or who may have been behind it.
Ransomware is a massive danger to government infrastructure all across the world. Earlier this year, the notorious Russia-linked Conti ransomware gang targeted the Costa Rican government, crippling the country and, in particular, its import/export systems for months, resulting in significant financial losses amid the turmoil of day-to-day operations.
WhatsApp Hack Attempt
On November 16, 2023, a hacker uploaded on BreachForums a dataset comprising what they claimed was the up-to-date personal information of 487 million WhatsApp users from 84 countries.
The suspected hacker stated in the article that anyone who purchased the information would obtain "quite recent cellphone numbers" of WhatsApp users.
The lousy actor claims that among the 487 million data are details for 32 million US users, 11 million UK users, and 6 million German users.
The hacker did not explain how such a big quantity of user data was obtained, merely stating that they "applied their approach" to get it.
Optus Data Hack
On September 22, 2023, the Australian telecommunications firm Optus had a severe data breach that exposed the personal information of 11 million users.
Customers' names, dates of birth, phone numbers, email and home addresses, driver's licenses and passport numbers, and Medicare ID numbers were among the data obtained.
After Optus declined to pay a ransom sought by the hacker, files containing this private information were shared on a hacking site. Victims of the incident further claimed that the alleged hacker contacted them and demanded AU$ 2,000 (US$1,300) or their data would be sold to other wrong parties.
Twilio and the 0ktapus Phishing
0ktapus (also known as "Scatter Swine"), a gang of researchers, went on a large phishing spree throughout the summer, compromising over 10,000 accounts across more than 130 businesses. According to analysts, most of the victims were from the United States, but there were dozens from other nations. The attackers typically texted fraudulent links linked to bogus login sites for Okta.
This identity management software can be a single sign-on tool for many digital identities.
The hackers' objective was to obtain Okta passwords and two-factor authentication tokens to access several accounts and services simultaneously.
Twilio, a communications firm was among those targeted during the attack. It had a breach in early August that affected 163 customer businesses.
Twilio is a large company; thus, 0.06 percent of its clients were affected, but sensitive services such as the encrypted messaging software Signal, two-factor authentication tool Authy, and authentication firm Okta were all included in that slice and became secondary victims of the attack.
Because Twilio provides a platform for automatically delivering SMS text messages, one of the incident's side consequences was that attackers could compromise two-factor authentication tokens and penetrate the user accounts of certain Twilio customers.
Medibank data leak
Omitting the Medibank data leak in cyber attacks that shocked the world in 2022 will be one significant omission.
Medibank, an Australian healthcare and insurance business, observed some "strange activity" on its internal systems on October 13, 2023.
The firm was then approached on October 17 by the malicious party, who wanted to "bargain with the [healthcare] company on their purported removal of client data." On the other hand, Medibank openly refused to comply with the hacker's demands.
On November 7, Medibank announced the full scope of the incident, stating that the lousy actor got unauthorized access to and stole data from 9.7 million former and present clients. The data includes sensitive and personally identifiable information about medical operations, such as codes connected with diagnoses and treatments performed.
On November 9, 2023, the hacker leaked customer data labeled "good list" and "naughty list" in response to Medibank's persistent unwillingness to pay a ransom.
The so-called "naughty list" allegedly includes information on persons who sought medical treatment for HIV, drug or alcohol addiction, or mental health difficulties such as eating disorders.
On November 10, they uploaded a file labeled "abortions" to a site supported by the Russian ransomware organization REvil, which presumably contained information on operations for which policyholders had filed claims, including miscarriages, terminations, and ectopic pregnancies.
Related:Bespoke Technology 2023|Why your company may need Bespoke Technology
Final Thoughts on Cyber Attacks that Shocked the World in 2022
Many organizations were hit by terrible cyber attacks this year, and it’s easier to say they’ve learned their lessons.
To be sincere, these hackers are not ready to back off, the question remains; after a long list of cyber attacks that shocked the world in 2022, which organization will fall victim in 2023.
Reference
nationalcrimeagency.gov.uk - NCA Official Website
There are no comments for now. Be the first comment
Leave a Reply
Your email address will not be published. Required fields are marked