Cyber Threats 2022: A Year in Retrospect
Contents
Cyber Threats
2022: A Year in
Retrospect
Throughout 2022, the cyber threat landscape reflected real world
events and geopolitical tensions, with much of the year impacted by
the Russian invasion of Ukraine. Log4Shell ushered in a chaotic start
to 2022 and highlighted the positive impact of industry collaboration, as
well as the criticality of patching and understanding the footprint of
widely used software in environments.
Log4Shell was an edge case in terms of vulnerabilities disclosed in 2022, as threat actors
continued to make use of known vulnerabilities, exploits and tools (e.g. Cobalt Strike) when
conducting their attacks. However, throughout 2022 we also saw threat actors ranging in
motivation and sophistication employing enhanced tooling and frameworks, as well as
modifying their behaviours to outmanoeuvre security practices implemented by defenders.
Further, threat actors increasingly targeted cloud environments as well as identity and
privileged access capabilities in 2022.
As the Russian invasion escalated into full scale war, Ukraine along with other governments
and cyber security organisations around the world …
2022: A Year in
Retrospect
Throughout 2022, the cyber threat landscape reflected real world
events and geopolitical tensions, with much of the year impacted by
the Russian invasion of Ukraine. Log4Shell ushered in a chaotic start
to 2022 and highlighted the positive impact of industry collaboration, as
well as the criticality of patching and understanding the footprint of
widely used software in environments.
Log4Shell was an edge case in terms of vulnerabilities disclosed in 2022, as threat actors
continued to make use of known vulnerabilities, exploits and tools (e.g. Cobalt Strike) when
conducting their attacks. However, throughout 2022 we also saw threat actors ranging in
motivation and sophistication employing enhanced tooling and frameworks, as well as
modifying their behaviours to outmanoeuvre security practices implemented by defenders.
Further, threat actors increasingly targeted cloud environments as well as identity and
privileged access capabilities in 2022.
As the Russian invasion escalated into full scale war, Ukraine along with other governments
and cyber security organisations around the world …