OPINION

Cyber Warfare in 2022: Espionage, Hacking-for-Profit, and Infrastructure Attacks

The opinions expressed by columnists are their own and do not necessarily represent the views of Townhall.com.

2022 saw hacking attacks of all types grow in frequency, as both private and public sector entities scrambled to address glaring vulnerabilities. Despite the fact that the headlines were dominated by articles related to inflation, the Ukraine-Russia War, and other events that pushed major hacks off the front page, ”illicit cyber activity" was still one of the greatest dangers America faced this year.

The online methods of espionage, cyberwarfare, and for-profit hacking, continue to evolve and pose a constant threat, as they disrupt IT systems, compromise infrastructure, and steal sensitive information. 

Although most of the more devastating attacks are carried out by ransomware syndicates and state-sponsored Advanced Persistent Threat groups (APTs), the past several years have ushered in the rise of Ransomware-as-a-Service, which can make any individual willing to buy malicious code on the dark web, a hacker. 

Cyber warfare is considered so dangerous because attacks can originate from anywhere on earth and are very difficult to initially detect. In most cases, organizations aren’t even aware that they have been victimized until well after the attack. Furthermore, with cloud computing options and mobile devices becoming more prevalent, it’s now easier than ever for hackers to gain access to devices and digital networks remotely. 

With all these factors in consideration, here are some of the more notable cyber events of 2022:

Data Breaches that Exposed Information on Millions of Americans: Most often, when people think of Twitter’s recent history, they may think of the company’s acquisition by billionaire Elon Musk and the revelations regarding the way the October 2020 New York Post reporting of the information contained in Hunter Biden’s laptop was handled. Less memorable than that but certainly still significant, is the fact that social media app and millions of its users were victimized by a data breach in 2022. 

A hacker known as ‘devil’ was able to leverage a vulnerability discovered in January to access the data of over 5.4 million Twitter users. The information included email addresses and phone numbers from celebrities and businesses and was offered for sale on the hacking forum known as BreachForums.

Another major breach centered around student loans. The hack exposed social security numbers for more than 2.5 million individuals and involved a student loan servicer known as Nelnet Servicing. Nelnet Servicing provides tech services including a website portal to two student loan companies, Edfinancial and OSLA services. Student loan registration information including names, addresses, email addresses, phone numbers and social security numbers, were readily accessible as a result of the hack during the months of June and July of 2022. 

Cyber-Warfare Between Nation-States: In 2022, there were many notable cyber events related to everything from reconnaissance and espionage to hacks against critical infrastructure. These kinds of military cyber operations were evident in the attacks carried out on both sides of the Russia-Ukraine war, as well as in cyber-attacks that were related to other long-standing conflicts between established belligerents. 

The Ukraine conflict included the Russian-based Hermetic Wiper attacks that devastated private and public entities in Ukraine by wiping out data on Windows-based computing systems, as well as the February 2022 distributed-denial-of-service (DDoS) attacks against financial entities in Ukraine. Additionally, the months after the conflict started saw hacktivism groups sympathetic to Russia organizing cyber-attacks via the messaging app Telegram.

Outside of Ukraine, the summer saw Iran’s state-owned Khuzestan Steel Co. and two other steel producing entities, temporarily stop production after suffering an Israel-based cyber-attack. The Israeli hacking group claiming responsibility said it targeted Iranian steel companies in response to the “aggression of the Islamic Republic.”

Lastly, China’s Advanced Persistent Threat group known as APT41 was responsible for stealing at least $20 million in COVID relief (Small Business Administration loans and unemployment insurance). The United States Secret Service told NBC News that there are currently over 1,000 ongoing investigations into the defrauding of public benefits programs, with China’s APT41 being “a notable player.”

Espionage Operations Target Policy Though Leaders: A North Korean APT known as Kimsuky targeted individuals who carry influential in foreign governments in an effort to attempt to decipher where Western policy may be headed on NoKo.

In October, Daniel DePetris, who is a U.S.-based foreign affairs analyst, received an email that claimed to be from the director of the 38 North think-tank, Jenny Town, commissioning a policy article. But, it was actually sent by a member of Kimsuky. 

Despite these government-sponsored attacks, most of the cyber-attacks that occur on a daily basis still mainly target individuals. Whether it’s ransomware or browser hijackers taking you to dangerous sites loaded with malware, with each passing year the likelihood increases that you will be the victim of an online attack. 

Despite federal agencies like the Cybersecurity and Infrastructure Security Agency (CISA) investing billions of dollars towards keeping Americans safe, wildcards like the Log4Shell Vulnerability exist, and there just aren’t enough resources available to keep all Americans safe. So, in all likelihood, next year, much like this year, may play host to the most cyberattacks ever.

Julio Rivera is a business and political strategist, Editorial Director for Reactionary Times, and a political commentator and columnist. His writing, which is focused on cybersecurity and politics, has been published by many of the most heavily trafficked websites in the world.