Deloitte Cyber Trends & Intelligence Report 2022

The start of 2022 was an omen for heightened cyber risks soon to come.
In the new year, rising tensions between countries increased geopolitical
risks, and auto parts manufacturers fell victim to ransomware that ultimately
forced affiliated original equipment manufacturers (OEMs) to shut down their
production lines.

International conflicts and cyberattacks have also shifted. A new form
of cyber warfare between countries is emerging in the unprecedented structure of “cyber armies” composed of hacktivists and civilians recruited by states to participate in attacks on other countries and their critical infrastructure.

The ransomware epidemic has also continued to wreak havoc with several
large-scale incidents. Double extortion ransomware, a newer and increasingly prevalent subcategory of ransomware, randomly targets vulnerable or improperly configured internet-connected devices, regardless of industry or target demographic. It has also proven capable of significantly impacting our everyday lives. Recent incidents have sparked renewed discussions over supply chain risks and how a company’s own production could be impacted by ransomware attacks suffered by their business partners.

Based on analysis by Deloitte Japan’s Cyber Intelligence Centre, this report (a translation of an excerpt from Deloitte’s Cyber Trends & Intelligence Report 2022 in Japanese) examines threat trends of double extortion ransomware and considers potential countermeasures such as attack surface management (ASM), an approach that has recently gained considerable interest in addressing supply chain risks, among other areas.