While COVID-19 is arguably one of the biggest catalysts prompting organisations to rethink their cybersecurity readiness, the cyber threat landscape in 2022 reflected a gaping trust deficit, exacerbated by geopolitical tensions in an increasingly fragmented world.
PwC's Cyber Threats 2022: A Year in Retrospect report covers a selection of our analysis over the course of 2022. The report leverages proprietary capabilities, access to commercial tools and open source, as well as observations from incident response cases and other cyber engagements worked on by PwC firms across the network, including in Malaysia.
The 2022 report hones in on how malicious threat actors have evolved in their modus operandi, their tools and their thinking, challenging the defences of countries and organisations. From the various case studies and illustrations shared in the report, the message to organisations is clear: no entity is immune to cyber attacks.
Indeed, Malaysian organisations are not insulated from events taking place in geographically dispersed locations given the interconnected nature of supply chains and sectors.
Geopolitics reflected in threat actor activities around the world
In 2022, phishing activities by Russia based threat actors targeted an array of countries and organisations around the world. The level of sophistication displayed by these threat actors is disconcerting considering how well they adapted and continued effective operations despite being actively pursued by both commercial and government security organisations.
China-based threat actors showed no signs of slowing down either, increasingly optimising their operations and leveraging shared proxy resources. Organisations within the telecommunications sector were among the most vulnerable.
Throughout 2022, Iran-based threat actors continued to conduct espionage motivated attacks against victims in the Middle East, Europe and North America. In some cases, they doubled down on destructive attacks that included wipers, ransomware and “hack-and-leak” attacks.
Looking ahead
Amidst the mushrooming of ransomware attacks and credential stealing malware, organisations will need to focus their defence on rigorous patching to bolster their security strategies and wear down attackers.
Organisations will need to be prepared for more frequent attacks powered by an increasingly commoditised Access-as-a-Service cyber criminal ecosystem. The detection logic provided in the report can assist defenders in scanning their own systems and networks to find malicious threat actors.
Public-private partnerships will continue to play a pivotal role in sharing intelligence and combating cybercrime collectively.
