Cisco Unveils the Latest Security Trends: Ransomware Accounted for Over 20% of Global Total Attacks in 2022

• Fewer cyberattacks were reported in the first half of 2022
• Professionalization of cybercrime increasing with the hybrid work environment
• Education sector top affected industry for the year

Cisco revealed the company’s security insights as observed in the latest Cisco Talos annual report, titled ‘Cisco Talos: Year in Review 2022’ (“Report”). The Report delves into several major trends across the threat landscape in 2022, as well as new behaviors from commodity loaders that will continue to be present in 2023 and beyond. 

Commenting on the report’s findings, Salman Faqeeh, Managing Director, Cisco Saudi Arabia, said: “With cyber-attacks becoming increasingly coordinated and far more advanced than ever before, we have seen several organizations in KSA allocate more resources to cybersecurity to protect their assets and data.”

He added: “Cisco aims to be at the heart of solving and mitigating these arising cyber risks as we will continue driving rapid detection and protection for our customers in the Kingdom. Be it device and endpoint protection, network security, or locking down apps and data – our cyber protection spans across industries and targets known and emerging threats, stop threats in the wild, and protects the internet at large.” 

The report is compiled by Cisco Talos Intelligence Group, one of the largest commercial threat intelligence teams in the world, comprised of world-class cyber security researchers. Their findings show that the intensity of ransomware, information theft, commodity malware, and exploitation of known vulnerabilities decreased significantly worldwide between February and June, as threat actors focused on the Russia-Ukraine attack space. After a short break, organized cybercrime came back stronger than before in the second half of the year with top threats in 2022 including: 

Ransomware: In 2022, ransomware continued to be a significant threat to organizations across the globe with ransomware attacks making up nearly 20 percent of threats in 2022. The threats have been observed to be more sophisticated, and the attacks can cause severe disruptions to business operations, result in data loss, and damage a company's reputation. Ransomware groups targeted the education sector very strongly as these institutions are considered high-value targets, especially since they have a low tolerance for downtime.

APT groups: Advanced Persistent Threat (APT) groups have expanded their operations over the past year, with state-sponsored increasingly using supply chain attacks, zero-day vulnerabilities, and social engineering tactics to gain access to target systems and networks.

Log4j: The vulnerability in the Apache software's Log4j shared library continued to be highly targeted by threat actors throughout 2022. Attempts to exploit this vulnerability have remained consistently high, with attacks over the past year being attributed to a variety of actors, ranging from simple cybercriminals to professionally organized APT groups. 

Looking ahead 

In 2023, it has become crucial to ensure that robust and multi-layered security strategies are in place to prevent, detect, and respond to ransomware attacks effectively. The report also emphasizes the need for organizations to prioritize employee education and awareness programs to ensure that everyone in the organization understands the risks of ransomware and knows how to respond in case of an attack. Sharing threat intelligence and collaborating with industry peers, government agencies, and cybersecurity vendors will also assist in improving collective defense against APT groups.