Ransomware is malicious software used by cybercriminals to block systems or encrypt data and demand ransom payments to unlock access to these resources.
In this article, we show you the biggest ransomware attacks of 2022 that caused data leaks. Check it out:

Ransomware attacks continue to grow and concern businesses and government organizations around the world.

This is because hackers take advantage of their security flaws to lock down systems or encrypt data, demanding ransom payments for unlocking these resources, and institutions usually make the payment, fearing the social repercussions.

According to a study conducted by Cloudwards, in 2021, 37% of all companies were targeted by ransomware and 32% paid the ransom, recovering only 65% of their data. In this article, we are going to show you the biggest ransomware attacks of 2022 in terms of data leaks.

To facilitate your reading, we divided our text into topics. These are:

1. What Is a Ransomware Attack?

2. What Is the Average Cost of Ransomware Recovery?

3. Who Were the Top Five Ransomware Targets in 2022?

4. Supply Chain Attacks: Trend for 2023

5. Did Ransomware Attacks Increase in 2022?

6. How Often Did Ransomware Attacks Occur in 2022?

7. About senhasegura

8. Conclusion

Enjoy the read!

1. What Is a Ransomware Attack?

Ransomware is a type of malware used by hackers to block access to a system or encrypt data. Malicious attackers demand ransom money from their targets for releasing this information.

After a ransomware infection, victims have the alternative of paying the ransom or trying to remove the malware.

There are two types of ransomware: blocking and encryption ransomware. The first blocks basic computer functions, making it inoperable. In this type of ransomware, it is not common for data to be completely destructed.

In encryption, cybercriminals do not interfere with the basic functions of the computer, but encrypt important data and victims end up paying the ransom to get their files back.

2. What Is the Average Cost of Ransomware Recovery?

According to Sophos’ State of Ransomware 2022 report, average ransomware recovery costs are $1.40 million, compared to $1.85 million in 2021. This reduction has occurred because this type of attack became more frequent, but the damage to the reputation of companies decreased.

Moreover, insurance providers have effectively guided ransomware victims through the incident response process, which reduces remediation costs.

In contrast, Cybersecurity Ventures points out that, by 2031, ransomware is expected to cost $265 billion.

3. Who Were the Top Five Ransomware Targets in 2022?

The targets of the top five ransomware attacks of 2022 in terms of data leaks were:

• Nvidia;
• Government of Costa Rica;
• Bernalillo County, Albuquerque, New Mexico;
• Toyota; and
• Bridgestone.

Learn more about each of them:

Nvidia

In February 2022, the world’s largest semiconductor chip company has suffered a ransomware attack. According to the company, hackers have begun leaking employee credentials and information online.

Responsible for the attack, the Lapsus$ ransomware group had access to 1TB of data exfiltrated from the company and demanded $1 million and an unspecified fee percentage from Nvidia as ransom.

According to media reports, parts of Nvidia’s business went offline for two days. Nevertheless, the company denied that the attack had affected its operations.

At the time, the organization strengthened its security to respond to the attack and relied on experts in response to cyber incidents to contain the problem.

The organization is also believed to have hacked Lapsus$ members and installed a ransomware infection on their systems, which has not been confirmed.

Government of Costa Rica

This case became well known, as it led the government of Costa Rica to declare a national emergency. The first ransomware attack in the country took place in April and impacted government services and private companies involved with import and export.

At the time, the Conti ransomware group – responsible for this attack – demanded that the government pay $10 million and then doubled the amount.

On May 31, a new attack, associated with the criminal group HIVE, affected Costa Rica’s social security fund and shut down the country’s healthcare systems.

This warns us that entire nations could be harmed by a lack of cybersecurity protection solutions and capabilities for government officials.

Bernalillo County, Albuquerque, New Mexico

In January 2022, New Mexico’s largest county was targeted in a paralyzing ransomware attack that took several government departments and offices offline.

This attack shut down surveillance cameras and automatic doors at the Metropolitan Detention Center, forcing inmates to be confined to their cells due to failures in the electronic locking system.

This incident caused the violation of a 25-year agreement related to the conditions of confinement of prisoners, which the county was unable to comply with, having to send an emergency notice to the federal court.

This experience alerts us that ransomware attacks can harm people’s well-being and the operations of businesses and government agencies in many ways.

Toyota

In early 2022, three Toyota suppliers were hacked. Kojima Industries was impacted by a cyberattack (not necessarily ransomware) and Toyota had to shut down its activities in 14 units of its Japanese factories. This attack is believed to have resulted in a 5% reduction in the organization’s monthly production capacity.

Then, over eleven days, two other Toyota suppliers – Denso and Bridgestone – were targeted by ransomware attacks. Due to an attack by the Lockbit group, Bridgestone had to shut down its computer networks and production facilities in Central and North America. The attack on Denso is attributed to the Pandora ransomware group.

Bridgestone

The LockBit ransomware group performed a ransomware attack against one of the world’s largest tire manufacturers in February 2022. The company tried to mitigate the threat by disconnecting manufacturing and refurbishment facilities in North America and Latin America from the network, but had to shut down operations for a week.

4. Supply Chain Attacks: Trend for 2023

Supply chain attacks, such as the one that occurred with Toyota, are a trend for 2023. In this type of cyberattack, cybercriminals target an organization’s providers, which puts customer operations at risk.

According to a recent survey by Ponemon Institute and Mastercard’s RiskRecon, only 34% of companies believe their suppliers would notify them in the event of a sensitive data breach, which demonstrates that supply chain attacks are underreported.

According to the X-Force Threat Intelligence Index 2022, at least 62% of organizations worldwide have faced a supply chain attack this year.

5. Did Ransomware Attacks Increase in 2022?

The IBM Security Cost of Data Breaches 2022 report provides some relevant information about ransomware breaches in 2022.

According to the document, there was a small reduction in the cost of breaches caused by ransomware, which fell from $4.62 million in 2021 to $4.54 million in 2022. On the other hand, the frequency of violations caused by this type of invasion has increased from 7.8% in 2021 to 11% in 2022.

According to the IBM Security Cost of Data Breaches 2022 report, a ransomware attack takes 237 days to be identified and 89 days to be contained, with a total lifecycle of 326 days.

6. How Often Did Ransomware Attacks Occur in 2022?

As we mentioned in the previous topic, the frequency of breaches caused by ransomware has increased from 7.8% in 2021 to 11% in 2022.

7. About senhasegura

We, from senhasegura, are part of MT4 Tecnologia, a group of companies specializing in digital security, founded in 2001 and operating in more than 50 countries.

Our main objective is to ensure digital sovereignty and security for our clients, granting control over privileged actions and data and avoiding theft and leaks of information.

For this, we follow the lifecycle of privileged access management through machine automation, before, during, and after accesses. We also work to:

• Avoid interruption of companies’ activities, which may impair their performance;
• Provide advanced PAM solutions;
• Automatically audit privileged changes in order to identify privilege abuses;
• Automatically audit the use of privileges;
• Reduce cyber threats; and
• Bring organizations into compliance with audit criteria and standards such as HIPAA, PCI DSS, ISO 27001, and Sarbanes-Oxley.

8. Conclusion

In this article, you saw that:

• Ransomware is a type of malware used by hackers to block access to a system or encrypt data and demand ransom money for releasing such information;
• There are two types of ransomware: blocking and encryption ransomware;
• Average ransomware recovery costs are $1.40 million;
• The targets of the top five ransomware attacks of 2022 in terms of data leaks were: Nvidia; the Government of Costa Rica; Bernalillo County in Albuquerque, New Mexico; Toyota; and Bridgestone.

Was our article on the biggest ransomware attacks of 2022 in terms of data leaks relevant to you? Then share it with someone also interested in the topic.