Second Quarter 2022: Continuing the Theme

Continuing along the theme the bad guys established in the first quarter of 2022, we see some major breaches exploiting weaknesses and vulnerabilities in the second quarter as well.

Ransomware continued and will continue to dominate the 2022 threat landscape, as we witness operators taking new approaches with new techniques. A significant ransomware trend in 2021 was the increase in adversaries expanding their threats beyond data encryption. Multiple ransomware groups pivoted to stealing and exfiltrating data before encrypting it, then demanding payment to prevent the data from leaking publicly on a dark web site.

We have also seen a follow-on to the crypto hacking surge in Q1 with Harmony’s Horizon Bridge becoming the latest cross-chain vehicle to be hacked in the world of crypto, suffering a $100 million loss in late June that represents two-thirds of its total capital.

There is no one simple way to prevent ransomware, and at the end of the day, everything involving malware as an attack vector is ransomware and should be seen in that context. In our view, re-examining your cybersecurity strategy through the lens of the Zero Trust foundation principles and then identifying those pieces that need to be pulled into alignment with those principles is a great place to start.