Russia’s use of cyber warfare in Ukraine to supplement its traditional war machine was among the most damaging in 2022

In 2022, global cybercrime stakes were raised significantly with entire governments, as well as individual businesses, falling victim to regular and often devastating attacks. This is according to research from Tokio Marine HCC International (TMHCCI).

Leading the pack in this year’s top ten cyber incidents is Russia’s use of cyber warfare in Ukraine to supplement its traditional war machine. Several attacks were documented before the invasion with most of the Ukraine government’s websites, banks and radio stations coming under massive DDoS attacks.

State-sponsored attacks

The Ukrainian government wasn’t the only state to come under attack in 2022, suggesting a new front is opening up in the ongoing cyber war.

Almost 30 of Costa Rica’s government institutions came under attack in April, taking tax, import and export operations offline for several days. The Russian hackers responsible for the attack demanded a $10m ransom, while the Costa Rican government lost approximately $30m for every day its systems were down.

And in Europe, the Finnish government came under attack when Russian (again) hackers directed a DDoS attack against the Finnish Parliament’s external websites. The motivation? According to the hackers: “We decided to pay a friendly visit to neighbouring Finland whose authorities are so eager to join NATO”.

Business remains the most attractive target

Despite this activity against government organisations, business, both retail and B2B, remains the most attractive target for most threat actors.

Leading global brands such as Revolut, clothing brand SHEIN, Twitter and UK bank TSB, all incurred huge reputational or financial costs following cyberattacks in 2022. 

But perhaps most concerning is the vulnerability of many of the world’s leading IT providers. In late September, two new Microsoft Exchange vulnerabilities were discovered and disclosed publicly but the nature of the vulnerabilities means they pose a systemic risk of incalculable consequences to a range of organisations.

Attacks grow in sophistication 

Isaac Guasch, Cyber Security Leader at TMHCCI and author of the report warned that cyber attacks are “becoming larger, more sophisticated, coordinated and damaging, and governments are very much in the cyber criminal’s crosshairs”.

“Increasingly, hackers are testing unprepared governments in the pursuit of a ransom or to score political points,” he said.

The development of artificial intelligence (AI) threatens to arm criminals with even more sophisticated weapons. Hackers could access the systems used to train and operate the AI, allowing them to manipulate the algorithms and exploit or disrupt the system. Likewise, they could use AI to automate their cyberattacks, making them much harder to defend against.

“As criminals evolve, adapt their approaches, and acquire new weaponry, so too are the defences against them adapted. At Tokio Marine HCC International, we are constantly discovering new threats and developing new defences against them,” said Isaac.