Governments are the new front in the ongoing cyberwar, says Tokio Marine HCC

Cybercrime continues to rise, with entire governments, as well as individual businesses, falling victim to “regular and often devastating attacks”, according to Tokio Marine HCC International’s (TMHCCI) latest annual Cyber Incidents Report.

Russia’s use of cyber warfare in Ukraine tops the reports table of cyber incidents. Several attacks before the invasion targeted Ukraine government websites, banks and radio stations with massive DDoS attacks.

It was not the only country that suffered, however. Almost 30 of Costa Rica’s government institutions came under attack in April, taking tax, import and export operations offline for several days. Russian hackers responsible for the attack demanded a $10m ransom, while the Costa Rican government lost approximately $30m each day its systems were down. In Europe, meanwhile, Russian hackers directed a DDoS attack against the Finnish Parliament’s external websites.

“We decided to pay a friendly visit to neighbouring Finland, whose authorities are eager to join NATO,” the hackers wrote.

Business remains the most common target, however, with global brands such as Revolut, SHEIN, Twitter and UK bank TSB all facing reputational or financial costs following cyberattacks in 2022. Perhaps most concerning, says the report, is the vulnerability of many of the world’s leading IT providers. In late September, two new Microsoft Exchange vulnerabilities were discovered and disclosed – a potential “systemic risk of incalculable consequences to a range of organisations”.

“Cyber incidents aren’t just increasing in volume and cost. They are becoming larger, more sophisticated, coordinated and damaging, and governments are very much in the cyber criminal’s crosshairs,” said report author and TMHCCI cyber security leader Isaac Guasch. “Increasingly, hackers are testing unprepared governments in the pursuit of a ransom or to score political points.”