Skip to main content

SWK Cybersecurity News Recap July 2022

By July 22, 2022No Comments


A Look at Top Cybersecurity News from June – July 2022

June through July 2022 have been yet more eventful months for cybersecurity news, so this SWK recap will focus on the top stories that impact your business the most, including updates on the general state of security as of more than half through the year. New incidents, ransomware campaigns and bug notices add more weight to significant discussions around the nation’s cyber defenses, while events continue to flow overseas that could have lasting consequences on how the US approaches data security.

State of Cybersecurity in July 2022

2022 has continued the trend of relentless cyber attacks and seems to have added on a frequent stream of new bugs for good measure, with the biggest exploit in years seen with the Log4j error. Ransomware has not seemed to slow down either, with new strains and entire gangs appearing in the wild regularly.

Attacks and Malware in the Wild

June through July 2022 featured more recorded breaches than can be listed here, and in spite of a drop in the number of ransomware victims since attacks spiked tremendously in the First Quarter, several prolific perpetrators continue to take credit for almost daily extortions. Perhaps one piece of good news is that it seems as though the volume of ransoms may be starting to drop in favor of traditional malware; however, organizations still have to take care to protect against data theft in either case, as the remaining players are increasingly using double extortion techniques.

Here are some of the strains, gangs and attacks uncovered by researchers over the past two months:

Bug Notices

Bugs are becoming as ubiquitous as cyber attacks, and CISA has released multiple alerts to patch several critical vulnerabilities, including a few found in broadly-used Microsoft products. The top cybersecurity news in this space, though, is still the Log4j flaw as CISA’s new Cyber Safety Review Board reported that its impact would be present for “years” (the good news, however, is that it has not been used for any major exploits).

Vulnerable Industries

The renewed national focus on network security is also bringing back to light the particular susceptibility of several industries to external attacks, specifically from gaps in technology as well as in cyber hygiene practices (as well as political concerns with telecoms and social media in China). This has impacted these sectors in different ways, between addressing growing individual cases of theft to trying to recoup billions of dollars from devastating losses, but it is bringing to the forefront the need for widespread information security across every market.

Here are some of the industries being singled out in the latest news for cybersecurity concerns:

  • Education
  • Healthcare
  • Pharmaceuticals
  • Financial Services
  • Utilities
  • Oil & Gas
  • Medical Device Manufacturing
  • Defense Contractors
  • Cloud Services & Storage
  • Federal Civilian Agencies
  • Discrete Manufacturing

Impact of New Technology

Technology new and old have come under the microscope for their own security dilemmas, but with the former there is a constant fear that a lack of understanding and practice standardization will inherently lead to exposure. Even more contemporary solutions like the cloud and IoT seem to be facing renewed scrutiny as the pace of hygiene procedure adoption still lags behind the speed at which tools are implemented, and many organizations still struggle to consistently one to meet the other. Now, however, technologies like AI and quantum computing are being added to the conversation as both businesses and regulators try to get ahead of potential problems.

US Federal Cybersecurity News Updates

Just as 2022 has been a busy year for cybercriminals and nation-state hackers, it has also been a busy year for federal and local governments trying to contain the issues at hand while curbing emerging security developments. While some experts laud these initiatives, others claim they are not enough and more still needs to be done to ensure widespread cybersecurity at the national level.

Cyber Bills Passed

Hundreds of bills have been passed in the US at both the federal and state levels throughout 2022 that have either focused primarily on addressing a cybersecurity issue or have included provisions to address such concerns along with other stipulations. These include:

Several more pieces of legislation are still being reviewed in the House, Senate, or between both chambers of Congress as they negotiate amendments to various provisions and language as of this writing. These include:



Biden’s Cybersecurity Focus

Several news outlets have reported that a document outlining the Biden administration’s cybersecurity strategy going forward is being drafted at the time of this writing, solidifying the direction the White House envisions for the nation’s security standards. Statements who claim to be close to the process as well as predictions from experts and a few officials not directly involved indicate the key theme will be encouraging greater coordination between business and the federal government on cyber incident response.

US Cyber Initiatives Going Forward

Besides the Biden administration, many other public officials as well as thought leaders in the private sector are pushing for greater visibility in reporting, among other initiatives aiming to improve (or catch up) the US’s cyber defense standards. Several agencies are also increasing regulatory controls as much as they are able, along with promoting more awareness and education among their constituents.

Nation-State Cyber War News

The ongoing cyber Cold War between mostly NATO, Russia and China is in large part driving a good portion of malicious activity as both nation-state and state-sponsored hackers (as much as that line can be clarified) keep up a momentum that spiked with the war in Ukraine. Besides spillover from the digital side of this conflict, pre-existing tensions as well as relationships within the cybercrime ecosystem are propelling a complex web of infiltration and exploitation campaigns.

Ukraine Invasion Updates

Despite the invasion being somewhat overshadowed in the recent news cycle by several major domestic issues stateside, the situation in Ukraine has remained mostly the same between June and July 2022, especially on the cybersecurity front. Ukrainian network security personnel – along with both local and overseas support – continue to respond to attacks that most likely originate from Russia or allied nations, though they have reported a noticeable increase in malware activity over the past few months.

North Korea in Spotlight

North Korea has been a frequent highlight in the news lately for a variety of different reasons, including a significant among of hacking activity. The conflict in Ukraine has given Kim Jong-un multiple opportunities to strengthen his relationship with Putin, which could easily include malware campaigns that would help provide desperately-needed revenue in addition to helping fulfill their ally Russia’s political goals.

Here are some of the top stories around recent suspect hacking attempts by North Korean operatives:

More Russian Cyber Attacks

Despite Russian cyber warfare efforts in Ukraine falling below the apocalyptic-level predictions many had made previously, their security services have continued to make use of their hacking tools and strategies persistently. Though much of the malicious activity has centered on targets tied to the war in Ukraine, researchers have tracked suspected cyber spies effectively navigating through digital spaces – like cloud storage services – and still claiming victims across various industries with ransomware.

Get More Cybersecurity News Updates from 2022

Though the above includes many of the top stories from July’s cycle, there is still plenty more cybersecurity news from the rest of the month as well as from all of 2022 that could have an impact on your business. Talk to our expert consultants to learn more about the latest developments in infosec and what your company needs to do to keep your cyber defenses up to date.

Contact SWK here to get in touch with an expert and learn how to secure your data against the latest cyber threats.

Get a Deeper Cybersecurity News Recap for July 2022

Close Menu
SWK Technologies