Top 10 Most Expensive Cyberattacks of 2022 and What Lessons You Can Learn From Them

2022 was an expensive year for businesses that became the target of cybersecurity attacks. According to the Cost of a Data Breach Report 2022, the average cost of a data breach increased by 2.6% from $4.24 million in 2021 to $4.35 million in 2022. As the cost of cybersecurity attacks and data breaches continues to rise, we see businesses take them more seriously.

It is important for businesses to learn lessons from previous cybersecurity attacks so they can protect themselves in the future. That is why we have created a list of the ten most expensive cyberattacks of 2022. In this article, Anti-Dos will highlight the ten most expensive cyberattacks of 2022 and what lessons you can learn from them.

Table of Contents

10 Most Expensive Cyberattacks of 2022

  1. Twitter
  2. Red Cross
  3. Nvidia
  4. Austin Peay State University
  5. Florida International University
  6. UK National Health Service
  7. Rockstar Games
  8. Uber
  9. Medibank
  10. Government of Costa Rica

10 Most Expensive Cyberattacks of 2022

Here are the ten costliest cyberattacks of 2022 and what they teach businesses in 2023.

1. Twitter

In early 2022, a cybercriminal took advantage of a weakness in Twitter’s system to obtain the names, phone numbers, and email addresses of close to 6 million users. This information was likely combined with other data obtained from the internet and offered for sale on a black market website for hackers. The breach allowed the attacker to access and steal the personal details of a large number of Twitter users.

2. Red Cross

Hackers exploited a flaw in the Red Cross’ enterprise password management platform, which was used to support their family reunification program. The program helps families separated by conflict, migration, or disasters reconnect. The attack appears to have been carried out by state-sponsored actors, as it was specifically tailored to the Red Cross’ systems. The attackers were able to maintain access to the system for over 70 days and gained access to the personal information, including location, of over 515,000 individuals enrolled in the reunification program.

3. Nvidia

This year, the Lapsus$ ransomware group hacked Nvidia, a microchip company, and stole one terabyte of data, including the usernames and encrypted passwords of over 70,000 Nvidia employees. The gang claimed responsibility for the attack and initially demanded that Nvidia remove a feature that makes their graphics cards less suitable for cryptocurrency mining. They later changed their demand to requesting open-source graphics drivers for all future cards. The group threatened to publicly release the stolen data if Nvidia did not comply with their demands.

4. Austin Peay State University

Austin Peay State University was hit by a ransomware attack just before the start of final exams, causing widespread disruption on campus. Because the university did not have ransomware protection or anti-DDoS measures in place, it suffered. In response, the university instructed faculty, staff, and students to disconnect their university computers from the network and refrain from using any university devices, either on campus or at home. Personal devices such as laptops and cell phones were still able to access email and other resources. As a result of the attack, the university had to cancel final exams and close all computer labs.

5. Florida International University

Florida International University was targeted in a ransomware attack carried out by the ALPHV/BlackCat gang, who had also attacked North Carolina Agricultural and Technical State University (A&T) just weeks earlier. During the attack on Florida International University, the hackers were able to steal 1.2 terabytes of sensitive data, including social security numbers, accounting documents, and email databases. At the time, the university claimed that there was no evidence that the attack had resulted in any information being compromised. However, subsequent analysis by security researchers confirmed that the stolen data was genuine.

6. UK National Health Service

An attack on the NHS, which provides infrastructure for many health organizations, lasted for six months and involved the compromise of over 100 NHS employee accounts. These accounts were used to send phishing emails, some of which attempted to steal Microsoft login credentials. The emails were disguised as fake document download alerts and included an NHS disclaimer. Despite the NHS switching to Office 365, a small number of these fraudulent emails continued to be sent.

7. Rockstar Games

An attacker was able to gain access to Rockstar Games’ internal systems and download the complete source code for Grand Theft Auto 5 and 6, as well as other confidential information. The attack was carried out by targeting collaboration tools used by the company’s developers, such as Slack and Confluence Wiki. It appears that the attackers were more interested in extortion than in publishing the stolen data.

8. Uber

This year, Uber faced an attack that highlighted the dangers of social engineering. The attackers were able to bypass the company’s defenses by sending a fake two-factor authentication notification that prompted the victim to click on a link to verify a request. Once the employee’s account was compromised, the attackers used Uber’s virtual private network to access internal network resources. They gained access to the company’s privileged access management service, used it to escalate their own account privileges, and claimed to have access to several Uber systems, including AWS, Duo, GSuite, OneLogin, Slack, VMware, and Windows.

9. Medibank

Health insurer Medibank was hit by a costly attack that affected all of its 3.9 million current and former customers. The attackers demanded a ransom of $9.7 million in exchange for not publishing the stolen data, which Medibank refused to pay. In response, the criminal gang threatened to release the data on a daily basis until the ransom was paid. Even before accounting for customer compensation, and regulatory and legal costs, the attack was estimated to cost Medibank between $25 million and $35 million. To further offset the financial impact of the attack, Medibank delayed insurance premium increases until January 2023, which will cost the company an additional $62 million.

10. Government of Costa Rica

The government of Costa Rica was recently forced to declare a state of emergency due to a sustained ransomware attack on its critical systems. This caused delays in the payment of government workers, who were asked to request their salaries through email or paper-based methods. The attack also disrupted the country’s tax and customs systems, leading to a breakdown in its import/export logistics. The Conti ransomware gang, which claimed to be trying to overthrow the government, demanded a ransom of $20 million. The gang released an estimated 50% of the data they stole during the prolonged attack. The Costa Rican government has not yet paid the ransom.

Which is the most dangerous cyberattack of 2022 in your opinion and why? Share your thoughts with us in the comments section below.
