High-profile cyber attacks elevated cyber security and cyber crime to dinner table conversation in 2021, and although there was no repeat of the Colonial Pipeline incident in 2022, awareness of cyber issues among the general public has never been higher.
And cyber criminals showed no sign of slowing down in 2022, even though ransomware attack volumes appeared to drop off for a time, in a trend likely linked to the war in Ukraine.
This year saw high-profile attacks on well-known organisations, disruption to the UK’s supply of crisps and new battles in the fight against digitally enabled fraud, while a cyber crime spree by a gang of troublesome kids caused consternation.
In January, contractor payroll service provider Brookson Group referred itself to the National Cyber Security Centre (NCSC) after an “extremely aggressive” cyber attack that forced it to take systems offline. Coming amid the ongoing IR35 controversy, this incident, and a separate attack on a different umbrella firm, disrupted salary payments for thousands.
In February, a series of cyber attacks targeting oil distribution terminals and other facilities in Europe had authorities on high alert, given rising fuel prices and the threat of supply disruption as the political crisis in Ukraine escalated into conflict.
A series of attacks on technology suppliers by a group known as Lapsus$ grabbed the headlines early in 2022, and although some gang members were arrested, these attacks have continued later into the year. In March, we explored how Lapsus$ attacks on Nvidia and Okta highlighted weak multifactor authentication and the risks of employees being bribed or falling victim to social engineering.
Every so often, a cyber attack hits the front pages of the UK’s tabloid newspapers, and February’s Conti ransomware attack on the systems of KP Snacks, the company behind iconic brands such as Hula Hoops, Space Raiders and the eponymous peanuts, made the cut. Computer Weekly heard from security experts about the incident, one of whom spoke of a “dark day for crisp aficionados”.
Conti hit the headlines again in May, when it shut down amid suggestions it had orchestrated its own downfall so that its members could split off into new operations. Ransomware cartels come and go, but Conti was a particularly dangerous group, and its loss was not mourned.
Ride-sharing service Uber was one of 2022’s high-profile cyber attack victims in September, when it suffered a supposed social engineering attack on an employee by an apparent teenage hacktivist who wanted the company to pay its drivers more money. The incident saw multiple systems disrupted at Uber, which later blamed the Lapsus$ collective.
A somewhat botched Clop/Cl0p ransomware attack on South Staffordshire Water in August seemed to have been largely forgotten, until it emerged at the end of November that the gang had stolen customer data and leaked it on the dark web. The data included names and addresses, bank details including sort codes and account numbers, and possibly other personal data. Customers of sister company Cambridge Water also seem to have been hit.
The Lapsus$ cyber crime spree put teenage hackers and so-called script kiddies, rather than advanced ransomware gangs, in the spotlight this year, and in June, Computer Weekly spoke to one of the UK’s most famous teenage hackers, Daniel Kelley, who was just 17 when he played a key role in the infamous TalkTalk cyber attack. Kelley is still laser-focused on cyber security, but is planning to pursue a legitimate career.
Ransomware gangs rarely directly target consumers, making digitally enabled fraud arguably the most likely way the average person is going to fall victim to cyber crime. The fight against fraud continued in 2022, and in November, the Metropolitan Police revealed details of its role in a major operation that took down a cyber criminal website and saw more than 100 arrests.
At the beginning of December, a sudden drop in service for users of Rackspace’s Hosted Exchange business caused widespread chaos before being confirmed as a ransomware attack by an unspecified group. Full details of the incident are not yet known, but given how many Computer Weekly readers tuned in, it will likely prove one of the more disruptive cyber crime incidents of the year.