Vulnerabilities in 2022 have increased by 23% compared to 2020.
As the year 2022 draws to a close, it is time to take a look at the most common cyber-attack threats faced by private companies and professionals, as well as public administrations and organisations.
In recent years, the number of these attacks has increased both in number and impact. The report “Cyberthreats and Trends 2022”, prepared by the CCN-CERT of the National Cryptologic Centre, indicates that 28,695 vulnerabilities were detected in 2021, an increase of 23 % compared to 2020. The public and healthcare sectors, along with banking and financial institutions, are the main targets of cyberattacks.
Most common types of cyber incidents in 2022
During 2022 the main types of cyber-attacks according to BeDisruptive have been:
- Ransomware, especially the so-called double extortion as well as the so-called Ransomware as aService (RaaS), with operators even developing ransomware platforms accessed by third parties to launch their own attacks for a fee.
- Social engineering: These types of strategies always rely on a human element to succeed. The most common are phishing, impersonation, spoofing and fraud.
- Threats to data and data availability: From distributed denial of service (DDoS) attacks to data breaches and data leakage, the goal of these types of attacks is to make a service, information or resource inaccessible to its users.
- Supply chain attacks: With organisations employing increasingly complex and sophisticated systems, more elements are susceptible to attack, such as threats targeting software developers and vendors in order to gain access to source code or updates via legitimate applications through which malware is distributed.
- Disinformation campaigns: Social networking algorithms, microtargeting and artificial intelligence facilitate the possibility of generating threats in the form of malicious information by spreading disinformation.