Ransomware attacks exist, but are less scary than before.
Does this mean there is no danger?
No (photo: Pixabay.com)
Cyber war, cyber crime, information leaks, attacks against Israel and vice versa - determined activity of law enforcement bodies and regulators.
We had all of these this year in Cyber, but more than that, we can ask what we didn't have in Cyber this year?
Well - there was no single and significant event, such as we have become accustomed to seeing in recent years, such as the Xayah attack, SolarWinds or even a significant weakness like Log4j.
But that doesn't mean there weren't big happenings.
Cyber war
The war between Russia and Ukraine was the first in which significant cyber moves were made at the same time as kinetic warfare.
Contrary to predictions, the Russians failed to create significant damage through cyber means.
It can be cautiously estimated that the Russian Cyber Command (like the entire Russian military) did not expect such a long campaign.
The Russians managed to bring their capabilities to light in several significant "opening moves", in which they succeeded in disrupting communications, creating disinformation and causing the effects of psychological warfare.
It was also evident that they were not interested in causing significant damage to the infrastructures (again, assuming that Ototo Ukraine would surrender and they would gain control over those infrastructures).
As the campaign dragged on, the impact of the Russian cyber operations diminished, and on the other hand, the Ukrainians recruited volunteer hackers and attacked Russian government websites, leaked information of Russian citizens and soldiers, and tried as much as they could to hinder the Russian army from achieving its goals.
It can be assumed that the last word has not yet been said in this conflict, and that its prolongation could cause the Russian side to deliver more painful and devastating blows.
State cyber
The impact of this campaign went beyond the physical borders of Ukraine.
Some of the attacks caused "incidental damage" to neighboring countries (we note the effect of the Russian attack on satellite communication systems in Ukraine that paralyzed wind turbines in Germany), and some were well-planned attacks against countries that expressed support for Ukraine (such as the Vatican or Norway) or those that, due to the situation, rushed to join To NATO (attack on parliament in Finland).
Of course, we also saw the other "immediate suspects" attacking in the cyber dimension - Iran continued its semi-open struggle against Israel, China continued to attack and steal valuable information wherever it could, and North Korea, which focused on stealing crypto-currencies to enrich its treasury, which was severely damaged by sanctions.
More in Walla!
It's so delicious and simple: a recipe for caramelized bananas
In collaboration with the Galil company
As expected, the fighting continued in the cyber arena as well.
Kyiv is bombed (Photo: Reuters)
Cybercrime
Some cybercriminals were busy this year in the Ukrainian arena, so we saw fewer significant attacks.
But, we have seen a new trend where criminal groups attack developing countries and cause a situation of chaos.
The means is, again, revenge attacks, which actually result in the paralysis of the victim.
The island nations of Vanuatu and Guadeloupe have been hit by crippling ransom attacks, and Costa Rica has been paralyzed for many months, and there seems to be no end to the attacks.
information leaks
Uber, Twitter, WhatsApp, Medibank and much more.
Hackers managed to break into the world's largest organizations this year and steal millions of user records that include phone numbers, names, credit card numbers and more.
These hacks will further fuel a wave of thefts, frauds and continued hacks to other entities in the years to come.
The Lap$u$ group stood out this year by breaking into large entities and causing great embarrassment and significant financial damages.
One of the victims.
Twitter (Photo: ShutterStock)
And with us
Iranian, Palestinian and Lebanese cyber-attacks managed to penetrate various infrastructures in the country, steal information and corrupt several websites, but generally failed to cause real damage or panic in the public.
It is evident that the public (and the media as well) are more mature and are not moved by any announcement by an unknown party on the Telegram channel about "hacking hundreds of Israeli websites" (which often turns out to be a hacking of a hosting server) or "stealing information of millions of Israelis (which turns out to be a cycle of data that was leaked many years ago).
Enforcement bodies and law authorities
The Cyber Unit, the Privacy Authority, the State Comptroller and the Israel Police all worked to stop attacks, bring cyber criminals to justice and increase enforcement and regularity which ultimately results in improving the security of all of us.
However, as the State Comptroller pointed out in the last report, there are still significant gaps in the ability to protect critical infrastructures in the State of Israel.
prevention
Often, the attackers use known weaknesses, macro or ISO files or social engineering techniques to obtain identification details of employees in the organization.
Implementing an orderly update policy, banning the use of macro files, tightening control over identity management in the organization and charging users to use multi-factor authentication (2FA) will significantly reduce the ability of attackers to harm organizations.
forecast
Yotam Gutman (Photo: Sentinel One)
Unfortunately, we do not expect 2023 to be fundamentally different from last year.
In many ways, what we experienced this year is the "New Normal" - endless attacks but without a single catastrophic event.
But that being the case, organizations can estimate with a high degree of confidence that they will experience a cyber event next year, and prepare accordingly.
A combination of modern protection systems, adherence to procedures and good "IT hygiene" should significantly reduce the chance that such an attack (which will come, with a high probability) will cause significant damage to the organization.
Yotam Gutman is the marketing director of the cyber giant SentinelOne
technology
Cyber
Tags
Cyber